bix  Degrees  of  spyware 


Galaxy  quest 

Sun  is  attacking  the  low-end  server 
market  with  Opteron-based  servers 
named  Galaxy  PAGE  10. 


Security  Face-off 

Should  anyone  pay  for  vulnerability  information?  3Com’s 
Marc  Willebeek-LeMair,  left,  and  Christopher  Rouland  of 
ISS  square  off.  PAGE  47. 


Powering  up 

Broadband-over-powerline  services  gain 
ground  —  slowly  —  as  an  Internet  access 
option.  PAGE  40. 
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Who  hasn’t 
wanted  to? 

Cell  phone  tossing  contests 
catching  attention  abroad. 


BY  JOHN  COX 

The  most  well-known  phone¬ 
throwing  event  has  been  the 
one  involving  actor  Russell 
Crowe,  who  heaved  a  desk  set  at  a 
New  York  hotel  clerk  in  June. 

But  that  could  be  changing,  albeit  as 
slowly  as  a  Scandinavian  glacier,  as  a  Mobile  phone  throwing 
dedicated  band  of  phone  lovers  and  contestant  lets  one  rip. 
haters  work  to  make  Finland’s  annual  Mobile  Phone  Throwing 
World  Championships  a  must-see  event. 

This  year’s  contest,  in  late  August,  drew  a  record  attendance  of 

See  Throwing,  page  18 


InSite: 


Lessons  from  Leading  Users 


Taxpayers,  disabled  to  gain 
as  paper  pushers  go  digital 


Key  spyware  call: 
Where  to  protect? 


BY  ELLEN  MESSMER 

With  spyware  threatening  corporate  networks, 
whether  it  be  adware  hogging  bandwidth  or  mali¬ 
cious  code  logging  personal  data,  network  execu¬ 
tives  are  being  forced  to  define 
their  defensive  strategies. 

Lots  of  tools  and  software  have  hit 
the  market  recently,  and  network 
executives  are  left  to  decide  which 
weapon  works  best  —  typically 
less-expensive  gateway-based  fil¬ 
ters  or  more-expensive  but  possibly 
more-effective  desktop  software  or, 
even  more  costly  a  combination  of 
the  two. 

The  Network  World  Clear  Choice 
Test  of  enterprise  spyware  (page 
52)  suggests  the  gateway  approach 
might  be  the  best  starting  point  for  IT  managers 
wanting  to  shore  up  defense  quickly 

A  gateway  can  filter  out  spyware  at  least  as  well  as 


desktop  software,  based  on  the  test  of  18  products. 
Tester  Barry  Nance  found  gateways  easier  to  admin¬ 
ister  than  desktop  machines.  Plus,  “users  can’t  fool 
with  it,”  as  they  might  with  their  desktop  software, 
Nance  says. 

Analysts  weighing  the  pros  and 
cons  of  the  basic  strategies  also 
point  out  that  the  cost  to  install  a 
gateway  in  many  instances  is 
going  to  be  low  in  compari¬ 
son  with  installing  anti-spy¬ 
ware  software  on  the  desktop. 
“The  gateway  alternative 
works  reasonably  well  to  reduce 
the  impact  of  spyware,  is  less  ex¬ 
pensive  to  operate  and  maintain 
than  desktop  mitigation, consumes 
fewer  overall  resources  and  is 
readily  controlled,”  says  a  security  report  titled  “Enter¬ 
prise  Strategies  for  Defending  Against  Spyware”  from 

See  Spyware,  page  16 


CLEAR  CHOICE  TEST: 

ENTERPRISE  SPYWARE 


NETWORKWORLD 


[CLEAR  CHOICE  Tpl 


McAfee  wins 
our  test  of 
products  that 
block  spyware  at  the 
gateway;  Tech  Assist  tops 
the  field  for  desktop  anti¬ 
spyware  tools.  Page  52. 


BY  CAROLYN  DUFFY  MARSAN 

With  one  of  the  largest  content 
management  systems  ever  built, 
the  Social  Security  Administration 
is  reaping  the  rewards  of  migrat¬ 
ing  to  a  paperless  office. 

In  2006,  SSA  will  complete  the 


rollout  of  an  $800  million  all-digi¬ 
tal  system  —  known  as  eDIB,  for 
Electronic  Disability  System  —  to 
process  disability  claims  at  nearly 
1,500  locations  nationwide.  SSA 
says  eDIB  will  save  more  than 
See  Social  Security,  page  70 


Vendors  reacting  as  VoIP  nets  mature 


BY  PHIL  HOCHMUTH  AND 
DENISE  DUBIE 

Vendors  are  readying  tools 
that  move  beyond  helping  com¬ 
panies  prep  their  networks  to 
handle  VoIP  and  that  focus  in¬ 
stead  on  how  well  VoIP  net¬ 
works  are  running. 

The  latest  offerings, from  compa¬ 
nies  such  as  Brix  Networks  and 
EMC/SMARTS,  take  into  consider¬ 
ation  that  production  VoIP  net¬ 
works  have  become  more  wide¬ 
spread  and  that  customers  are 
starting  to  identify  specific  man¬ 
agement  obstacles.  New  offerings 
See  VoIP,  page  14 


Management  strategies 

Less  than  one-quarter  of  254  IT  executives  surveyed  say  they 
are  using  mature  tools —  namely,  integrated  service 
management  offerings  —  to  monitor  and  control  their 
production  VoIP  networks. 


SOURCE:  THE  YANKEE  GROUP 


Pro-deployment  testing 
and  assessment  tools 

24.41% 


Integrated  performance, 
availability  and  service 
management  tools  in 
production  net  23.62% 


No  IP  telephony  implementation 

17.32% - 


Managed  st 
services  7 


Equipment  vendor  tools  in 
production  net  10.24% 


Passive  monitoring  in 
production  net  16.54% 


New  Websense  Security  Labs  spyware  webcast:  see  pg.  #  31 
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PLUS:  TANGIBLE  BUSINESS  BENEFITS  ★  BEST  PRACTICES  FOR  BEST  RESULTS 

OVER  10  YEARS  OF  WORLD-CLASS  INTEGRATION  EXPERTISE 
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A  FASTER,  EASIER  WAY  TO  SUPPORT  FOR  OVER  UNPARALLELED  INDUSTRY 

IMPLEMENT  TRUE  SOA  80  O.S.  CONFIGURATIONS  KNOWLEDGE  A  PROCESS  SKILL 


IBM  MIDDLEWARE.  POWERFUL.  PROVEN. 

FIGHT  BACK  AT  WWW.IBM.COM/MIDDLEWARE/SOA.  THIS  IS  A  RIPAND-REPLACEFREE  EVENT. 

IBM,  the  IBM  logo  and  WebSphere  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  ©2005  IBM  Corporation.  All  rights  reserved. 
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Gateway's  convertible  notebook  has  a  14- 
inch-wide  screen  and  recovery  system  that 
works  like  LoJack  to  recover  lost  or 
stolen  systems.  Page  46. 
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Enterprise  spyware 

McAfee  wins  our  test  of  products  that  block  spy- 
ware  at  the  gateway;  Tech  Assist  tops  the  field 
for  desktop  anti-spyware  tools.  Page  52. 


Should  security  vendors  pay  for  vulnerability  information?  3Com's  Marc 
Willebeek-LeMair  and  Christopher  Rouland  of  ISS  square  off.  Page  47. 
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Podcast:  Multicore  processors  and 
server  virtualization 

Enterprise  computing  expert  Vernon 
Turner  talks  about  the  impact  of  multi- 
core  processors  and  server  virtualiza¬ 
tion  technology  on  enterprise  data  cen¬ 
ters  DocFinder  8829 

Face-off:  Is  it  ethical  for  security  com¬ 
panies  to  buy  vulnerability  information? 
CTOs  Marc  Willebeek-LeMair  of  3Com 
and  Christopher  Rouland  of  ISS  debate 
opposite  sides  of  the  issue.  Read  their 
opinions,  then  head  to  our  forum  to 
face  off  against  them  and  your  col¬ 
leagues.  DocFmder.  8821 

2005  Salary  Calculator 

Are  you  making  what  you're  worth? 
Register  free  and  find  out  how  your 
compensation  compares  to  that  of  your 
peers.  DocFmder  8121 


Online  help  and  advice 


Forum:  Loomitg  IT  staffing  shortage? 

fact  or  fiction?  Many  IT  pros  can’t  see 
the  shortage  hiring  experts  are  pre¬ 
dicting.  See  what  your  colleagues  are 
saying,  then  join  in  with  your  own 
thoughts.  DocFmder  8830 

Kabin's  aftermath:  The  IT  perspective 

Every  day  we  aggregate  the  latest  IT- 
related  Katrina  clean-up  news.  See  how 
much  network  repair  will  cost  wireless 
providers,  the  benefits  of  text  messag¬ 
ing  and  much  more.  DocFinder  8831 

Letters  to  the  etfitor 

Every  week  we  receive  more  letters 
than  we  have  space  to  print.  Head 
online  to  see  what  readers  say  about 
an  expected  IT  staffing  shortage,  the 
reality  of  VoIP  security  concerns,  the 
risk  of  open  Wi-Fi  and  more. 

DocFuider  8832 


Compendium 

Adam  Gaffin  points  you  to  handy  devel¬ 
oper  cheat  sheets:  "So  many  tools,  so 
many  commands  to  remember  Cheat 
Sheet  Roundup  has  30  cheat  sheets 
for  different  languages  and  tools,  from 
JavaScript  to  vi."  DocFinder  8833 

Small  Business  Tech 

Online  backups  win  converts: 


Seminars  and  events 


Columnist  James  Gaskin  examines  why 
one  financial  organization  trusts  eVauft 
more  than  tape.  DocFinder  8834 

Home  Base 

The  perils  of  automated  phone  sys¬ 
tems:  Sandra  Gittlen  says  "suddenly 
systems  that  were  designed  to  be 
more  efficient  look  incredibly 
inefficient."  DocFinder  8835 


Security:  Preventiig  attacks  on  applications  and  data 

The  Technology  Tour  and  Expo  hackers  don’t  want  you  to  attend,  Discover 
products  and  strategies  that  protect  your  core  secrets  without  hindering 
communication  or  the  flow  of  information  between  authorized  users.  Qualify 
now  and  attend  free. 

DocFinder  8836 


BREAKING  NEWS 

Go  online  for  breaking  news  every  day.  DocFinder:  1001 

Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 
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What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and  resources 
online.  Simply  enter  the  four-digit  DocFinder  number  in 
the  search  box  on  the  home  page,  and  you’ll  jump  directly 
to  the  requested  information. 
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Cisco  reports  vulnerability  in  IOS 

■  Cisco  has  issued  another  vulnerability  alert  for  its  IOS  software. This  one  in¬ 
volves  the  Firewall  Authentication  Proxy  for  FTP  and  Telnet  sessions  feature  in 
some  versions  of  IOS.The  feature  is  vulnerable  to  a  remotely  exploitable  . 
buffer-overflow  condition,  says  a  Cisco  Security  Advisory  issued  last  week. 

The  Firewall  Authentication  Proxy  feature  lets  network  administrators 
apply  security  policies  on  a  per-user  basis.The  affected  software  ver¬ 
sions  are  IOS  12.2ZH  and  12.2ZL,  12.3, 12.3T,  12.4  and  12.4T.  Cisco 
says  it  is  not  aware  of  any  malicious  use  of  the  vulnerability  The 
company  has  made  free  software  available  to  address  the  vulnerabili¬ 
ty  and  published  workarounds  in  the  advisory  to  mitigate  its  effects. 


‘Patch  Tuesday'  looks  light 

■  September  is  starting  to  look  like  a  quiet  month 
for  Microsoft’s  security  response  team.The  company 
said  last  week  that  its  monthly  release  of  security 
fixes,  expected  Tuesday  will  cover  only  one  issue:  an 
unidentified  flaw  in  the  Windows  operating  system. 
The  bug  is  rated  as  critical,  meaning  a  worm  could 
take  advantage  of  it  without  user  action. The  patch, 
called  an  “update”  by  Microsoft,  will  come  as  part  of 
the  company’s  monthly  patch-release  cycle.  Micro¬ 
soft  releases  most  software  patches  on  the  second 
Tuesday  of  each  month,  a  date  that  has  come  to  be 
known  as  “Patch  Tuesday”  by  security  professionals. 
In  August,  Microsoft  released  six  updates  on  Patch 
Tuesday 

Ebbers  to  remain  free  pending  appeal 

■  Former  WorldCom  CEO  Bernard  Ebbers  last  week 
won  six  more  months  of  freedom  when  a  federal 
judge  granted  him  a  reprieve  while  his  lawyers 
appeal  his  conviction.  In  July  Ebbers  was  sentenced 
to  25  years  in  prison  for  his  role  in  the  accounting 
fraud  that  nearly  brought  down  WorldCom,  now 
known  as  MCI.  According  to  reports,  Ebbers  lawyers 
are  appealing  on  grounds  that  the  judge  in  the  case 
gave  the  jury  inappropriate  instructions  about 
Ebbers’  knowledge  of  the  accounting  fraud.  Ebbers 
had  been  expected  to  report  to  a  medium-security 
federal  prison  in  Oakdale,  La.,  on  Oct.  12.  Absent  a 
successful  appeal,  he’ll  likely  report  to  prison  in 
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“I’m  going  to  f . bury  that 

guy,  I  have  done  it  before,  and  I 
will  do  it  again.  I'm  going  to  f— 
—  kill  Google.” 

Microsoft  CEO  Steve  Ballmer  about  Google  CEO  Eric  Schmidt  to 
engineer  Mark  Lucovsky,  according  to  a  sworn  statement,  when 
Lucovsky  told  him  he  was  leaving  Microsoft  for  Google. 

“Mark’s  characterization  of  that 
meeting  is  not  accurate.” 

Ballmer's  response  in  a  written  statement. 

April.  According  to  court  documents  the  judge  says 
she  granted  the  stay  because  Ebbers  is  not  likely  to 
flee  and  because  his  lawyers  raised  questions  that 
could  result  in  a  change  on  his  conviction  and  pos¬ 
sibly  a  new  trial. 

Google  hires  Internet  pioneer  Cerf 

■  Google  has  added  another  feather  to  its  cap  with 
the  hiring  of  Vint  Cerf,  widely  known  as  father  of  the 
Internet.  Cerf  will  leave  MCI  to  join  the  search  com¬ 
pany  as  chief  Internet  evangelist  and  be  responsible 


“Red  Hat  Linux  introduces  its 
new  Technology  Steering 
Committee.  ” 

Jay  Moore  of  Etta,  Miss.,  is  the  winner  of  this 
week's  tilt.  Head  to  Layer  8  every  week  for  a  new 
round  and  enter  to  win. 
www.networkworld.com/weblogs/layer8 


TheGoodTheBadTheUgly 

Katrina  relief.  Network  companies  have  stepped 
up  recently  with  generous  offers  to  help  those  directly 
affected  by  Hurricane  Katrina.  Among  them  is  WebEx,  which 
is  offering  a  free  Web  collaboration  service  for  relief 
organizations  and  small  businesses.  WebEx  is  also 
offering  services  to  help  relief  organizations  pro¬ 
mote  their  programs  and  train  volunteers 
(www.webex.com/go/katrina). 

Weak  Wi-Fi.  A  new  Gartner  study 
cites  educational,  cultural  and  financial 
reasons  for  what  it  concludes  is  a  low  rate 
of  Wi-Fi  hot  spot  use  among  business 
travelers.  With  more  than  60,000  hot 
spots  around  the  globe,  25%  of  U.S.  and 
17%  of  U.K.  business  travelers  use  hot 
spots,  the  study  says. 

<  PC  dump.  Activists  from  Greenpeace 
International  last  Monday  dumped  1,100  pounds  of  used  PCs  outside  the 
Bangalore  headquarters  of  Wipro,  one  of  India's  biggest  outsourcing 
companies.  The  activists  said  they  collected  the  scrapped  Wipro-brand- 
ed  computers- from  recycling  yards  in  India.  In  addition  to  its  out¬ 
sourcing  business,  Wipro  assembles  and  sells  PCs.  "We  want  Wipro  to 
stop  using  hazardous  chemicals  in  the  manufacture  of  their  products, 
and  take  the  responsibility  to  take  back  end-of-life  products  from  its 
customers,"  a  Greenpeace  spokesman  says.  Wipro  is  reviewing  its 
practices. 

for  exploring  new  Internet  applications.  Cerf,  who  is 
also  chairman  of  the  Internet  Corporation  for 
Assigned  Names  and  Numbers,  helped  define  the 
TCP/IP  protocols  while  at  the  U.S.  Defense  Advanced 
Research  Projects  Agency.  “What  I  have  done  in  the 
past  is  not  going  to  be  important  at  Google,”  Cerf  told 
the  Associated  Press.  “What’s  important  at  Google  is 
what  you  are  doing  today  and  what  you  are  going  to 
do  tomorrow. That’s  the  metric  I  will  be  measured  by 
Cerf,  62,  was  senior  vice  president  of  technology  strat¬ 
egy  at  MCI. 

Report  has  eBay  eyeing  Skype 

■  Why  would  an  online  auction  company  be  inter¬ 
ested  in  buying  an  Internet  telephone  company? 
Industry  experts  are  trying  to  answer  that  question 
after  learning  last  week  that  eBay  is  reportedly  in 
talks  to  acquire  Skype,  one  of  the  world’s  largest 
providers  of  VoIP  services.  A  report  in  The  Wall  Street 
Journal  says  eBay  is  considering  paying  between  $2 
billion  and  $3  billion  to  acquire  Skype.That  Skype  is 
talking  to  another  prospective  buyer  shouldn’t  sur¬ 
prise  many  people.  The  Luxembourg-based  VoIP  ser¬ 
vice  provider  already  has  held  negotiations  with  a 
number  of  interested  buyers,  including  News  Corp., 
Microsoft  and  Yahoo,  but  none  of  these  talks  have  led 
to  deals.  And  that  eBay  is  snooping  around  the  mar¬ 
ket  for  a  good  buy  should  equally  come  as  no  big  sur¬ 
prise.  As  its  core  business  online  auction  business 
matures,  the  company  has  been  looking  to  expand 
into  new  product  areas  and  international  markets. 
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»  Security  can’t  keep  pace?  Adding  branch  offices,  remote  users  and  personal  device  after  personal 
device  to  your  network?  Then  call  Juniper  Networks  for  assured  -  and  secure  -  remote  access.  Our 
flexible,  industry-leading  VPN  solutions  vigorously  secure  your  network,  while  delivering  outstanding 
performance  for  an  excellent  network  experience.  Visit  www.juniper.net/vpnguide  for  information  on 
how  to  select  the  best  VPN  solution  for  your  business.  Stunningly  superior  service  and  performance  is 
easy:  simply  Juniper  your  net. 


www.juniper.net 
888-JUNIPER  (888-586-4737) 
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Sun  using  AMD  chips  to  spark  servers 


Whole  new  Galaxy 

Sun  is  hoping  its  Galaxy  servers,  the  first  industry-standard 
systems  enhanced  by  Sun  engineers,  will  recharge  its  business. 


Server 

Features 

Starting  price 

Availability 

X2100 

111,  two-socket,  512M  bytes  of 
memory 

$745,  for  single¬ 
processor  configuration 

Now 

X4100 

1U,  two-socket,  512M  bytes  of 
memory,  service  processor  for 
diagnostics  and  remote 
management,  redundant  cooling, 
and  redundant  power  supplies 

$2,195,  for  single- 
processor  configuration 

Now 

X4200 

2U,  two-socket,  512M  bytes  of 
memory,  service  processor  for 
diagnostics  and  remote 
management,  redundant  cooling, 
and  redundant  power  supplies 

$2,595,  for  single¬ 
processor  configuration 

Now 

BY  JENNIFER  MEARS 
AND  DENI  CONNOR 

Sun  this  week  hopes  to  step 
up  its  position  in  the  exploding 
low-end  server  market  by  intro¬ 
ducing  its  Opteron-based  Galaxy 
machines,  with  a  focus  on  high 
performance,  better  cooling  and 
advanced  manageability 

At  its  quarterly  news  event  in 
New  York,  Sun  is  expected  to  make 
a  number  of  announcements, 
including  the  introduction  of  the 
first  three  Galaxy  servers  —  the 
low-cost  Sun  Fire  X2100  and  the 
enterprise-class  X4100  and  X4200 
(see  graphic).  The  servers  have 
been  in  the  works  since  they  were 
designed  by  Sun  co-founder  Andy 
Bechtolsheim.who  returned  to  the 
computer  maker  when  it  acquired 
Kealia  nearly  two  years  ago. 

The  enterprise-class  X4100  and 
X4200  servers  will  run  at  the  fastest 
clock  speed  available  with 
Opteron  —  2.4-GHz  dual-core  and 
2.8-GHz  single-core  processors  — 
providing  a  10%  increase  in  per¬ 
formance  over  competing  Op¬ 
teron  products,  Sun  executives  say 
Those  CPUs  have  120-watt  heat 
output,  compared  with  95  watts 
for  most  Opteron  systems,  but 
Bechtolsheim’s  design  enables  the 
1U  and  2U  systems  to  handle  the 
hotter  processing. 


For  example,  fans  are  easily 
swapped  out  if  there  is  a  problem. 

“The  most  unreliable  part  in 
today’s  computers  are  the  fans,”  a 
Sun  spokeswoman  says.  “Unlike 
Galaxy  most  systems  overheat  and 
crash  when  a  fan  stops.  With 
Galaxy  systems,  the  other  fans 
simply  increase  in  speed  and  con¬ 
tinue  as  normal. . .  .Swapping  out  a 
fan  is  very  easy  to  do.” 

In  addition,  the  X4 100  and  X4200 
include  redundant  power  sup¬ 
plies  and  a  service  processor  that 
makes  remotely  managing  the 
servers  easy,  says  John  Fowler, 
executive  vice  president  of  the 
network  systems  group  at  Sun. 
Fowler  says  more  Galaxy  products 
will  be  coming  in  the  months 
ahead,  including  an  eight-way  sys¬ 
tem  and  blade  servers. 

John  Groenveld,  associate  re¬ 
search  engineers  at  Penn  State 
Applied  Research  Laboratory  in 
State  College,  Pa., says  he  plans  to 
take  a  close  look  at  the  Galaxy 
servers.  The  research  lab  runs  six 
SPARC  systems,  as  well  as  20  Intel 
servers. 

“Galaxy  is  exciting,  because 
they’ll  be  Sun’s  first  in-house- 
designed  systems,”  Groenveld 
says.“I  expect  Andy  Bechtolsheim 
will  bring  us  some  gee-whiz 
innovations.” 


Analysts  also  are  optimistic 
about  Sun’s  prospects  with  the 
new  servers. 

“It’s  the  first  time  Sun  has  actual¬ 
ly  sat  down  and  designed  a  box 
using  their  own  engineers  and 
applying  their  own  cleverness  to 
an  industry-standard-based  sys¬ 
tem,”  says  Nathan  Brookwood, 
principal  analyst  at  Insight  64.  “In 
that  regard,  it’s  clearly  a  major  step 
forward.lt  demonstrates  that  even 
when  you’re  using  industry-stan¬ 
dard  components,  there  are  plen¬ 
ty  of  opportunities  for  suppliers  to 
differentiate  their  products.” 

At  the  same  time,  industry 
observers  note  that  the  Galaxy 
servers  aren’t  necessarily  the 
game-changing  products  that  Sun 
is  portraying  them  to  be. 

“They’re  certainly  more  compet¬ 
itive  products  than  Sun’s  previous 
Opteron-based  solutions,  but  I 
look  at  this  as  Sun  really  establish¬ 
ing  a  near-parity  position  with  the 
Intel  architecture  servers  that  are 
out  there  from  Dell,  HP  and  IBM,” 
says  John  Enck,  a  research  vice 
president  at  Gartner. 

The  challenge  for  Sun  will  be  to 
break  into  a  market,  where  it  does¬ 
n’t  even  rank  in  Gartner  forecasts. 
IDC  lists  Sun  as  holding  nearly  9% 
of  the  $23.4  billion  x86  market  in 
2004,  behind  IBM,  with  17%;  Dell, 


with  20%;  and  HR  with  32-%. 

In  addition,  Sun  likely  will  focus 
on  selling  Solaris  on  these  sys- 
tems.another  challenge  in  the  x86 
market,  where  Linux  and  Win¬ 
dows  dominate.  Sun  is  tightening 
its  relationship  with  Microsoft, 
however,  and  plans  to  announce 
Sun  Systems  Service  Plans  for  the 
Windows  operating  system,  pro¬ 


viding  hardware  and  Windows 
support  for  Sun  Fire  customers. 

The  company  is  hoping  the  Gal¬ 
axy  servers  will  be  the  key  to  turn¬ 
ing  its  fortunes  around.  Sun  has 
been  struggling  after  the  dot-com 
boom,  when  the  high-flying  sales 
of  its  proprietary  SPARC  systems 
took  a  nose  dive.  While  corporate 
buyers  turned  to  lower-priced 
commodity  systems  from  HR  IBM 
and  Dell, Sun  was  slow  to  embrace 
industry-standard  systems. 

It  introduced  its  first  Intel-based 
boxes  in  2003,  and  later  that  year 
announced  a  wide-ranging  part¬ 
nership  with  AMD  to  sell  Opteron- 
based  systems.  The  server  maker 
introduced  its  first  Opteron  systems 
last  year,  the  v20z  and  the  v40z. 

Further,  Sun  is  trying  to  shore  up 
its  position  in  the  storage  market. 
Acquiring  tape-automation  and 
information  life-cycle  manage 
ment  company  StorageTek  last 
month,  a  series  of  strategic  acquisi¬ 
tions  and  the  availability  of  several 
new  storage  arrays,  tape  libraries 
and  storage  software  should  do  it. 

Among  the  expected  announce 
ments  are  the  introduction  of  the 
Sun  StorEdge  5310  NAS  Appliance 
Gateway  the  StorEdge  3320  SCSI 
array  and  two  StorEdge  Capacity- 
Series  Tape  Libraries.  The  compa¬ 
ny  also  announced  that  it  has 
enhanced  its  StorEdge  Enterprise 
Storage  Manager  4  and  StorEdge 
Data  Replicator  software  to  sup¬ 
port  the  new  Galaxy  servers.  ■ 


HP  to  add  mgntL  to  virtualization  tools 


BY  DENISE  DUBIE 

HP  this  week  is  set  to  announce  new  and 
upgraded  products  that  it  says  will  help  com¬ 
panies  more  easily  roll  out  and  manage  virtu¬ 
alized  servers. 

The  company  also  will  introduce  capabili¬ 
ties  that  will  let  customers  deploy  virtualiza¬ 
tion  on  their  HP  Integrity  servers.  HP  had 
planned  to  share  the  news  this  week  at  the  HP 
Technology  Forum  in  New  Orleans,  but  the 
conference  was  postponed  because  of  the 
devastation  caused  by  Hurricane  Katrina. 

The  HP  news  comes  on  the  heels  of 
announcements  from  competitors  BMC 
Software,  Computer  Associates  and  IBM.  HP  is 
expected  to  detail  products  that  will  help  en¬ 
terprise  network  managers  get  more  visibility 
and  control  of  their  virtualized  server  environ- 
ments.Two  new  software  products,  HP  Integrity 
Essentials  Capacity  Advisor  and  Virtualization 
Manager,  could  help  customers  plan  and 
maintain  virtual  environments,  HP  says.  Capa¬ 
city  Advisor  software  installs  on  a  server  and 
uses  distributed  agents  to  collect  data  on  serv¬ 


er  resources  and  workload  processing.  The 
software  can  also  receive  data  from  tools  in 
HP’s  OpenView  Performance  Management 
suite.  Capacity  Advisor  can  help  IT  managers 
simulate  application  workloads  before 
deploying  the  applications  to  the  virtualized 
servers,  HP  says. 

Virtualization  Manager  could  help  cus¬ 
tomers  maintain  their  virtual  and  physical 
servers  by  providing  configuration  tools  on  a 
single  management  console.  The  software 
plugs  into  HP  Systems  Insight  Manager  5.0, 
software  that  lets  systems  administrators  mon¬ 
itor  Unix,  Windows  and  Linux  servers  from 
one  console.  It  also  allows  IT  managers  to 
modify  workloads,  adjust  virtual  partitions, 
and  manage  physical  systems  on  HP  Integrity 
and  HP  ProLiant  servers,  HP  says. 

The  company  also  an¬ 
nounced  that  HP  Integrity 
Virtual  Machines,  which 
allows  multiple  operating 
system  instances  to  share  a 
CPU  as  well  as  I/O 


resources,  is  expected  to  be  available  later  this 
year  for  HP-UX  lli.  Support  for  Microsoft 
Windows  Server  2003  as  well  as  Linux  is 
planned  for  2006. 

David  Grant,  data  center  manager  for  net¬ 
work  communications  company  Mitel,  based 
outside  of  Ottawa,  says  he  is  waiting  for  the  In¬ 
tegrity  tools  to  upgrade  his  current  HP  server 
rollout.  He  consolidated  12  servers  into  two 
clustered  HP  9000  rp8420  servers  to  support 
business-critical  applications  such  as  SARand 
uses  products  such  as  HP-UX  Workload 
Manager  to  track  and  manage  resources. 

“Now  we  can  pull  back  computing 
resources  from  systems  that  don’t  need  them 
and  better  use  what  used  to  be  virtual  wasted 
resources,”  he  says.The  virtual  I/O  on  Integrity 
Itanium  servers  would  increase  that  flexibility 
further  for  us.” 

The  two  software  prod¬ 
ucts  are  expected  to  be 
available  in  December.  HP 
says  pricing  will  be  deter¬ 
mined  at  that  time.B 
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Microsoft  weaves  workflow  plan 

Professional  Developers  Conference  expected  to  emphasize  realignment  of  workflow  capabilities. 


BY  JOHN  FONTANA 

Microsoft  this  week  plans  to 
unveil  at  the  Professional  Devel¬ 
opers  Conference  a  new  work- 
flow  subsystem  for  its  client  and 
server  operating  systems  that 
will  become  a  foundation  ser¬ 
vice  available  on  the  Windows 
platform. 

The  company  will  take  the 
wraps  off  Windows  Workflow 
Foundation,  which  will  pull  to¬ 
gether  a  number  of  current  work- 
flow  technologies  spread  through¬ 
out  Windows  products,  including 
Windows  Workflow  Services 
(WWS,  formerly  called  Windows 
Orchestration  Engine). 

The  single  technology  will  pro¬ 
vide  a  common  service  for  build¬ 
ing  workflow  to  support  business- 
process  automation  in  places 
such  as  Office-based  collabora¬ 
tive  applications,  composite  Web- 
services  applications,  Microsoft’s 
business  applications  and  the 
provisioning  capabilities  of  Mi¬ 
crosoft’s  identity  management 


platform. 

Critics,  however,  wonder  what 
other  products  will  be  required 
to  run  Workflow  Foundation 
and  how  open  it  will  be,  espe¬ 
cially  given  that  numerous  ven¬ 
dors  provide  proprietary  work- 
flow  engines  for  their  Windows 
applications. 

Also  at  the  conference,  Microsoft 
plans  to  introduce  a  number  of 
corporate  servers  for  its  Office 
System,  mostly  designed  around 
Version  3.0  of  Windows  Share- 
Point  Services,  which  includes 
content  management  and  online 
workspace  tools.  The  company 
also  plans  to  offer  a  range  of  new 
tools,  including  Atlas,  for  develop¬ 
ing  sophisticated  Web-based  ap¬ 
plications  using  Asynchronous 
JavaScript  and  XML. 

A  major  topic  will  be  Vista,  the 
client  operating  system  first  dem¬ 
onstrated  at  the  Professional 
Developers  Conference  2003, 
when  it  was  called  Longhorn  and 
before  some  of  its  core  features 


were  removed. 

“They  need  to  tell  everybody 
what  Windows  Vista  is,”  says  Joe 
Wilcox,  an  analyst  with  Jupiter 
Research.  “We  know  what  it  isn’t 
because  of  all  the  things  that  were 
removed.” 

Added  is  Workflow  Foundation, 
an  operating  system  subsystem 
that  joins  Windows  Presentation 
Foundation  (formerly  Avalon), 
which  supports  rich  interfaces. 
Included  is  Windows  Communi¬ 
cations  Foundation  (formerly  In¬ 
digo),  middleware  to  support  ser¬ 
vice-oriented  applications.  Both 
subsystems  have  been  back-port¬ 
ed  to  XP  and  Server  2003,  but  it  is 
not  clear  if  Workflow  Foundation 
will  join  them. 

Microsoft  briefly  mentioned 
Workflow  Foundation  last  week  at 
its  Business  Summit,  where  it  laid 
out  the  future  of  its  business  appli¬ 
cations  that  were  rebranded 
Microsoft  Dynamics. 

“What  this  means  is  somewhere 
in  these  products  is  a  workflow 


engine  so  a  developer  can  specify 
workflow  associated  with,  say  pro¬ 
cessing  an  invoice  and  automate 
many  of  the  manual  steps  a  work¬ 
er  may  have  to  do  ad  hoc  today’ 
says  Chris  Alliegro,  lead  analyst  for 
IT  products  and  strategies  at  inde¬ 
pendent  research  firm  Directions 
on  Microsoft  “As  far  as  the  business 
applications  go,  Microsoft  has 
talked  about  model-driven  pro¬ 
cesses  where  there  is  some  under¬ 
lying  workflow  technology’ 

Microsoft’s  plan  is  to  create  a 
single  workflow  technology 
based  on  the  operating  system 
that  is  available  platformwide. 
That  plan,  however,  raises  ques¬ 
tions  about  implementation, 
according  to  some. 

“Is  Microsoft  building  this  so  it  is 
open . .  .and  what  are  they  doing  to 
attract  partners  to  it?”  asked  one 
Microsoft  partner.  “If  you  have 
Oracle  apps,  will  those  be  able  to 
use  the  Microsoft  workflow  en¬ 
gine?  All  the  identity  management 
tools  have  workflow  built  in.  IBM, 


Chambers  lectures  on  China,  buyouts 


BY  PHIL  HOCHMUTH 

CAMBRIDGE,  Mass.  —  Cisco  CEO  John 
Chambers  described  the  need  for  his  firm  to 
develop  the  network  market  in  China  and  the 
company’s  strategy  on  acquisitions  at  a  lecture 
last  week  at  the  Massachusetts  Institute  of 
Technology 

In  a  wide-ranging  talk  for  students  and  facul¬ 
ty,  Chambers  said  China  poses  great  opportu¬ 
nity  for  Cisco,  as  the  country  has  an  increas¬ 
ingly  higher-educated  pool  of  engineers  and  is 
training  10  times  as  many  workers  in  engi¬ 
neering,  math  and  science  as  the  U.S.  The 
salary  gap  between  engineers  in  China  and 
other  parts  of  the  world  also  will  force  Cisco  to 
be  more  productive  on  a  revenue-per-employ- 
ee  basis,  with  the  potential  of  moving  more 
research  and  engineering  work  overseas. 

“I’m  proud  [Cisco  is]  an  American  company 
but  my  jobs  will  go  to  wherever  the  best  infra¬ 
structure  is,”  said  Chambers,  who  spoke  at  the 
new  Stata  Center,  the  Frank  Gehry-designed 
research  center  that  Cisco  donated  money  to 
build.  Several  thousand  Fast  Ethernet,  Gigabit 
and  10  Gigabit  Ethernet  switch  ports  are 
installed  in  the  building. 

He  half-jokingly  said  Cisco  would  later  be 
taking  applications  on  MIT’s  campus. 

The  facilities,  resources  and  talent  pool 
China  provides  for  U.S.  companies  is  hard  to 


ignore,  he  said.The  Chinese  govern¬ 
ment  has  promised  that  20%  to  26% 
of  its  students  will  graduate  in  engi¬ 
neering  and  math,  Chambers  said. 

Around  30%  of  Cisco’s  workforce  is 
either  based  in  China  or  includes 
employees  from  the  country,  he 
added.This  year,  Cisco  also  opened 
a  $32  million  research  and  develop¬ 
ment  center  in  China. 

“We’re  not  preparing  students  in 
this  country’  to  compete  with  that, 
he  said. “We  have  to  create  an  envi¬ 
ronment  where  more  students  go 
into  math  and  science.” 

The  wage  gap  between  U.S.  and  Chinese 
engineers  is  also  shaping  how  Cisco  allocates 
its  resources  and  people. 

“My  workforce  has  to  be  five  times  as  pro¬ 
ductive  in  this  country  than  the  rest  of  the 
world,’ ’he  said, because  engineers  in  India  and 
China  average  around  $40,000  a  year  in  salary 
while  U.S.-based  high-tech  workers  make 
upwards  of  $250,000. 

Chambers  said  Cisco’s  $700,000  of  revenue 
per  employee  last  year  was  three  times  greater 
than  Cisco’s  top  competitors.“But  if  I  don’t  take 
that  to  $1  million  [of  revenue  per  employee], 
then  I  won’t  be  profitable  in  five  years.” 

The  tools  and  practices  Chambers  described 


for  making  his  workforce  more  pro¬ 
ductive  included  many  of  Cisco’s 
advanced  technology  offerings  — 
such  as  IP  telephony  and  video  for 
collaboration,  high-speed  networks 
for  ubiquitous  access  to  data  and 
mobility  technologies  such  as  wire¬ 
less. 

As  for  Cisco’s  acquisition  strategy 
Chambers  said  the  company  will 
continue  to  buy  smart,  small  and 
local  companies. 

“We  never  acquire  a  company  if 
it  is  not  strategic  to  us,”  he  said. 
Cisco  will  continue  to  make  small  acquisitions 
to  enter  new  markets  to  bolster  its  technology 
offerings  or  to  enhance  the  capabilities  to  its 
advanced  technology  products.”  He  said  part 
of  the  key  to  acquisition  success  is  integration. 

“When  [Cisco]  acquires  a  company,  we  are 
acquiring  a  next-generation  product  or  tech¬ 
nology,  but  we’re  also  acquiring  people,”  usu¬ 
ally  at  a  cost  of  around  $1  million  per  person. 
He  said  that  most  acquisitions  in  the  industry 
see  40%  of  employees  of  the  acquired  com¬ 
pany  leave  after  two  years,  while  Cisco  has 
kept  its  attrition  rate  of  acquired  employees  at 
about  2%. 

“If  you  can’t  retain  the  people  after  an  acqui¬ 
sition,  it’s  not  worth  it.”  ■ 


Networks  in  China 
offer  opportunities 
for  Cisco,  CEO  John 
Chambers  said  last 
week. 


CA,  Oracle  and  Novell  use  differ¬ 
ent  workflow  engines.  We  have 
gone  from  eliminating  some  re¬ 
dundant  infrastructure  like  direc¬ 
tories  and  now  are  going  to  have 
extra  workflow  infrastructure?" 

Today,  Microsoft  has  several 
products  with  their  own  workflow 
technology  that  will  give  way  to 
Workflow  Foundation  and  that 
show  some  of  the  products  the 
technology  will  require  to  run. 

Microsoft  is  developing  a  version 
of  Microsoft  Identity  Integration 
Server,  code-named  Gemini,  that 
features  integrated  workflow 
based  on  WWS.  Gemini,  slated  to 
ship  in  2007,  also  will  be  built  into 
the  operating  system,  where  it 
would  sit  alongside  Workflow 
Foundation. 

Gemini  relies  on  SQL  Server  to 
store  workflow  data,  such  as  the 
state  of  a  workflow,  and  presum¬ 
ably  Workflow  Foundation  would 
have  the  same  requirements. 

The  WWS  technology  is  also 
being  used  in  BizTalk  Server 
2006,  which  went  into  beta  in 
July  and  is  a  workflow  orchestra¬ 
tion  engine. 

BizTalk  2004  includes  a  technol¬ 
ogy  called  Human  Workflow  Ser¬ 
vices  (HWS),  which  supports 
automated  business  processes 
that  involve  humans  routing  doc¬ 
uments.  HWS  is  included  in  Biz¬ 
Talk  2006  but  is  being  phased  out, 
sources  say  in  favor  of  Workflow 
Foundation. 

In  addition,  Workflow  Founda¬ 
tion  would  be  used  to  tie  together 
Web  services  to  support  specific 
business  processes,  such  as  filling 
an  order,  and  would  integrate  with 
Communications  Foundation,  a 
type  of  enterprise  service  bus 
middleware  to  handle  protocol 
translation  and  other  services. 

Office,  which  is  the  interface  for 
Microsoft’s  collaboration  plat¬ 
form,  also  will  tap  into  Workflow 
Foundation  to  support  collabora¬ 
tive  applications,  most  notably 
those  built  around  Windows 
ShareFbint  Services.The  workflow 
could  be  used  for  tasks  such  as 
supporting  the  life  cycle  of  docu¬ 
ments  in  online  workspaces  built 
around  SharePoint,  and  Office 
servers  that  Microsoft  is  expected 
to  introduce  at  Professional  De¬ 
velopers  Conference  for  applica¬ 
tions  such  as  Word  and  Excel.  ■ 
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VeriSign’  Security  Services 

Countless  compliance  issues.  One  simple  solution. 


Verisign's  complete  suite  of  security  solutions  helps  you  achieve  and  sustain  compliance  with  today's  industry 
and  regulatory  requirements.  The  combination  of  our  intelligent  infrastructure,  unique  visibility  into  global 
security  trends,  and  unsurpassed  security  knowledge  provide  more  effective  risk  management  and 
comprehensive  compliance.  Our  cost-effective,  managed-services  model  leverages  existing  in-house  resources 
and  processes— enabling  you  to  focus  on  growing  your  business.  VeriSign.  Where  it  all  comes  together.™ 

•  Managed  Security  Services  for  24/7  network  management,  host-log  monitoring,  and  security  intelligence 

•  Messaging  Security  and  Compliance  Services  for  email  archiving  and  anti-virus  protection 

•  Global  Security  Consulting  for  compliance  risk  assessments,  strategies,  and  certification 

•  Unified  Authentication  for  two-factor  authentication 

B  Learn  how  to  achieve  and  maintain  compliance  with  the  white  paper,  Optimizing  Enterprise  Security  Compliance, 
available  at  www.verisign.com/dm/gsc. 


C200S  VeriSign.  Inc  All  rights  reserved  VeriSign,  the  VeriSign  logo.  ’Where  it  ell  comes  together,* 


I  other  trademarks.  service  marks.  end  designs  are  registered  or  unregistered  trademarks  of  VeriSign  and  its  subsidiaries  in  the  United  States  and  in  foreign  countries 
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VoIP 

continued  from  page  1 

will  address  issues  such  as  trou¬ 
bleshooting,  performance  and 
availability 

“It’s  the  nuances  of  converged 
networks”  that  companies  are 
dealing  with  now,  says  Michael 
Thurk,  group  vice  president  of 
Avaya’s  enterprise  communica¬ 
tions  group. 

VoIP  management  is  expected 
to  be  a  hot  topic  at  next  week’s 
Voice  on  the  Net  (VON)  confer¬ 
ence  in  Boston,  where  a  host  of 
product  rollouts  are  scheduled. 
While  the  show  caters  largely  to 
carriers  and  their  VoIP  concerns, 
plenty  of  corporate  network 
issues  also  will  be  discussed  and 
debated,  including  security  and 
Session  Initiation  Protocol  devel¬ 
opments. 

Among  the  companies  planning 
announcements  at  the  event  is 
Apparent  Networks,  which  says  a 


work  and  analyzes  returning  data 
to  determine  router  configura¬ 
tions,  network  latency  and  appli¬ 
cation  delivery  times.  It  includes 
software  installed  on  a  dedicated 
server  as  well  as  software  agents 
—  what  Apparent  calls  se¬ 
quencers  —  installed  on  servers 
in  key  data  centers.  The  server 
software,  which  starts  at  $170,000, 
manages  the  distributed  agents. 

EMC  also  intends  to  get  into  the 
voice  management  market,  which 
IDC  estimates  will  more  than 
triple  from  $103  million  this  year 
to  $320  million  in  2009.  Through 
its  SMARTS  purchase  completed 
in  February,  EMC  plans  to  offer 
VON  attendees  a  peek  at  its 
EMC/SMARTS  VoIP  Manager  1.0 
software  bundle.  Expected  to  ship 
by  year-end,  the  software  is  de¬ 
signed  to  help  companies  mea¬ 
sure  the  availability  of  their  voice 
applications  across  large  net¬ 
works  as  well  as  provide  insight 
into  performance. 


^  If  VoIP  could  be  man¬ 
aged  through  a  single 
element  manager,  then  that 
would  position  us  similar 
to  where  we  were  with 
traditional  telephone 
systems.  W 

Martin  Webb,  manager  of  data  network  opera¬ 
tions,  province  of  British  Columbia 


new  release  of  its  AppareNet  En¬ 
terprise  Voice  product  has  trou¬ 
bleshooting  and  ongoing  moni¬ 
toring  features.  A  version  released 
earlier  this  year  focused  mainly 
on  predeployment  assessment. 

Martin  Webb,  manager  of  data 
network  operations  for  the  prov¬ 
ince  of  British  Columbia, Victoria, 
has  been  beta  testing  the  new  ver¬ 
sion  and  says  the  software  could 
help  him  determine  performance 
of  voice  before  getting  end-user 
complaints. 

“AppareNet  has  the  ability  to  test 
quality  of  service  and  simulate 
simultaneous  call  loads  and  re¬ 
port  [mean  opinion  score], which 
directly  relate  to  the  end-user  ex¬ 
perience,”  he  says.  “Without  being 
able  to  measure  [mean  opinion 
score],  we  would  be  strictly 
dependent  upon  user  feedback  to 
determine  overall  service  perfor¬ 
mance.” 

AppareNet  Enterprise  Voice  soft¬ 
ware  sends  packets  across  the  net¬ 


The  software  installs  on  multiple 
servers  in  a  large  company  and 
uses  existing  instrumentation, 
native  interfaces  and  tools  such  as 
SNMP  to  collect  availability  and 
performance  statistics  from  net¬ 
work  and  voice  gear.  It  includes 
features  to  help  customers  mea¬ 
sure  application  and  TCP  port 
availability  and  monitor  perform¬ 
ance  from  hosts  to  IP  phones. 
EMC/SMARTS  says  the  VoIP  man¬ 
agement  bundle  will  provide  dis¬ 
covery  and  alarm  mapping  for 
Cisco  and  Nortel  gear,  with  plans 
to  add  other  vendor  gear  such  as 
Avaya. 

Pricing  has  yet  to  be  deter¬ 
mined.  EMC/SMARTS  expects  the 
product  to  compete  with  similar 
offerings  from  vendors  such  as 
HP  and  Micromuse. 

Brix  Networks  is  expected  to  an¬ 
nounce  its  BrixManage  product  at 
the  show.  BrixManage  lets  net¬ 
work  staff  monitor  call  quality 
availability  and  bandwidth  utiliza¬ 


tion  of  IP  telephony  traffic  across 
a  corporate  WAN  and  LAN,  the 
vendor  says. 

Visual  Networks  has  a  new  suite 
of  traffic-shaping  hardware  on  tap 
for  corporate  VoIP  networks.  The 
offerings  complement  the  compa¬ 
ny’s  UpTime  Select  products, 
which  manage  data  from  WAN / 
IAN  devices.The  add-on  products 
let  users  set  thresholds  for  VoIP 
traffic  utilization  and  set  aside 
bandwidth  for  voice  packets. 


Avaya’s  Thurk  says  telecom  man¬ 
agers  who  are  now  working  with 
IP  have  different  expectations  of 
how  networks  should  operate 
from  those  in  the  TCP/IP  realm. 

“We’re  migrating  a  client  base 
that  is  used  to  98  seconds  of 
downtime  a  year)  he  says. 

With  only  about  4%  of  the 
approximately  400  million  busi¬ 
ness  telephone  lines  installed 
now  converted  to  II)  Thurk  says, 
the  opportunity  for  technologies 


that  can  smooth  TDM-to-IP  transi¬ 
tions  is  good. 

As  users  see  more  of  their  VoIP 
networks,  they’re  also  getting  a 
better  feel  for  what  they  would 
like  to  see  vendors  deliver  on  the 
management  front. 

“If  VoIP  could  be  managed 
through  a  single  element  manag¬ 
er ...  [then  that]  would  position  us 
similar  to  where  we  were  with  tra¬ 
ditional  telephone  systems,” 
British  Columbia’s  Webb  says.  ■ 


IBM/Lotus  releases  next 
version  of  Notes/Domino 


BY  JOHN  FONTANA 

IBM/Lotus  last  week  released  Notes/Domino  7.0, 
the  newest  version  of  its  collaboration  software  and 
the  latest  step  in  its  plan  to  merge  the  platform  and 
its  Java-based  Workplace  initiative. 

The  7.0  release  focuses  mostly  on  the  Domino  serv¬ 
er,  including  performance  and  management  en¬ 
hancements  designed  so  users  can  more  easily  man¬ 
age  and  more  cost  effectively  run  the  software. 

New  administration  features  include  a  Linux-based 
Web  Administration  client  and  tighter  integration 
with  Web  services  standards,  as  well  as  back-end 
hooks  to  IBM’s  DB2,  WebSphere  Application  Server 
and  WebSphere  Portal. 

Lotus  has  added  client-side  features,  including  its 
first  effort  at  integration  of  Notes  and  its  Workplace 
Managed  Client,  and  updates  to  Domino  Designer, 
including  deeper  integration  with  Web  services. 

IBM/Lotus  has  been  developing  the  next  version  of 
its  Java-based  Workplace  platform,  which  will  even¬ 
tually  incorporate  the  Notes  client  into  its  Eclipse- 
based  Managed  Client  framework.  The  platform  will 
let  users  run  their  existing  Notes  applications,  Java- 
based  applications  or  a  blending  of  the  two. 

Jim  Tieri,  IT  director  for  Holland  Co.,  which  manu¬ 
factures  railroad  equipment,  says  he  is  not  worried 
about  the  Notes-to-Workplace  transition,  having 
made  the  jump  from  Exchange  to  Notes/Domino. 
“The  majority  of  the  Notes  development  that  we  are 
doing  is  handled  by  our  [systems  integrators]  and  I 


am  entrusting  them  with  making  sure  that  the  code, 
going  forward  to  Workplace,  is  going  to  be  handled,” 
he  says. 

In  terms  of  better  performance,  IBM/Lotus  officials 
say  Domino  7.0  can  handle  25%  to  80%  more  users, 
and  CPU  utilization  is  down  25%  over  corresponding 
workloads  on  older  versions  of  the  collaboration 
software. 

In  addition, Version  7.0  enables  users  to  run  a  com¬ 
plete  Linux  platform,  with  Domino  running  on  Linux, 
the  Domino  Web  Administration  available  on  Linux 
and  Firefox  as  the  browser.  Also,  IBM/Lotus  last 
month  unveiled  an  upcoming  version  of  its  Notes 
plug-in  that  will  run  on  Linux. 

Notes/Domino  7.0  represents  one  step  along  the 
road  map  IBM/Lotus  has  proposed,  including  the 
unveiling  earlier  this  year  of  the  next  Notes  client, 
code-named  Hannover.  The  client  will  merge  the 
Notes  client  with  IBM’s  new  Workplace  technology. 

The  intent  is  to  give  users  a  single  client  that  can  ac¬ 
cess  messaging  features,  Notes  applications  and  non- 
Notes  applications  running  on  IBM’s  middleware. 

“One  of  the  reasons  that  this  is  a  remarkable  re¬ 
lease  is  that  many  people  thought  they  would 
never  see  it,”  says  Peter  O’Kelly,  an  analyst  with 
Burton  Group. 

“Many  thought  that  Notes  would  be  taken  out  in 
favor  of  Workplace.,”  he  adds.“So  7.0  is  important  in 
two  respects:  it  reaffirms  IBM  is  serious  about  Notes/ 
Domino  going  forward.”  ■ 


Map  to  a  merger 

IBM/Lotus  last  week  released  Notes/Domino  7.0  and  plans  to  release  Version  8.0  in  the  next  12  to  18 
months.  As  part  of  the  evolution,  Notes/Domino  and  IBM's  Java-based  Workplace  collaboration  will 
begin  to  merge. 


May  2005 

IBM/Lotus  ships  Workplace  Collaboration  Services  25,  a  set 
of  collaborative  components  (IM,  messaging,  conferencing). 

\  I - 


—  August  2005 

Release  of  Workplace  Designer,  a  rapid  application 
development  tool  designed  to  attract  users  of  Domino 
Designer. 


2005 

June  2005 

t  i 

2006 

Sept.  1, 2005 

t 

July  2906 

IBM/Lotus  announces  Hannover  client  (formerly  known  as  Notes 

IBM/Lotus  releases 

Public  beta  of  Hannover  due  in  the 

8),  which  will  merge  the  Notes  and  Workplace  clients. 

Notes/Domino  7.0. 

first  half  of  the  year. 

I 


To  tnuly  understand 

the  advantage  of  our  in-line 

intrusion  prevention  system, 


REMO 

VOUR 


ING 
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Netftpp  rolls  out 
Oracle  back-up  tool 

BY  DENI  CONNOR 

Network  Appliance  this  week  is  expected  to  introduce  software  that 
automatically  backs  up  Oracle  databases,  thus  dispensing  with  com¬ 
plicated,  error-prone  manual  processes. 

SnapManager  for  Oracle  automates  the  backup  and  recovery  of 
Oracle  databases  running  on  Network  Appliance  file  servers.The  soft¬ 
ware  takes  a  snapshot  of  the  Oracle  environment  and  isolates  indi¬ 
vidual  databases  and  their  related  code  to  back  them  up. 

Ordinarily  in  backing  up  Oracle  databases,  IT  or  database  adminis¬ 
trators  write  complex  scripts  that  back  up  data  in  multiple  Oracle  vol¬ 
umes  and  data  sets. 

Rich  Cappellano,  global  head  of  infrastructure  for  Susquehanna 
International  Group  in  Bala  Cynwyd,  Pa.,  is  testing  SnapManager  for 
Oracle. 

“Before  using  SnapManager,  we’d  use  [Remote  Monitoring]  and  a  lot 
of  custom  scripting,”  Cappellano  says.  “It  was  a  pain  in  the  neck, 
because  when  you  wanted  to  restore  something,  you’d  have  to  go 
back  and  get  the  whole  environment  —  the  log  files,  the  database  — 
and  you’d  have  to  remember  which  one  goes  with  which  one.” 

Cappellano  has  12  Oracle  databases  spread  across  27  Network 
Appliance  file  servers. 

“SnapManager  for  Oracle  has  all  the  intelligence  to  automatically 
do  what  we  had  to  do  manually  before,”  Cappellano  says,  adding  that 
he  has  been  able  to  reduce  back-up  time  by  as  much  as  50%. 

SnapManager  for  Oracle  is  integrated  with  Oracle’s  Automatic 
Storage  Management  software. 

“Offerings  such  as  Oracle  Snap  Manager  also  reduce  the  complexity 
of  integrating  data  protection  functionality  with  the  database,”  says 
Stephanie  Balouras,  senior  analyst  with  The  Yankee  Group. 

The  software  also  allows  cloning  with  Network  Appliance’s  Flex- 
Clone  technology.  Cloning  is  a  writable  snapshot  of  a  database  that 
creates  a  copy  of  the  database  to  run  queries  against,  test  the  database 
or  upgrade  the  environment. 

“Cloning  is  very  common  with  large  databases,  especially  to  reduce 
long  back-up  windows,”  Balouras  says. 

The  SnapManager  for  Oracle  Backup  Wizard  allows  database  ad¬ 
ministrators  or  storage  administrators  to  create  a  template  for  backing 
up  Oracle  databases.This  wizard  also  allows  IT  to  create  rules  regard¬ 
ing  the  retention  of  backups. 

SnapManager  for  Oracle  is  in  beta  and  will  cost  between  $5,000  and 
$50,000,  depending  on  the  size  of  a  company’s  Network  Appliance  file 
servers.  ■ 

Oracle  snapshots 

Network  Appliance's  new  software  is  designed  to  safeguard 
data  in  Oracle  databases  that  run  on  Network  Appliance  filers. 
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An  IT  administrator  can  choose 
whether  to  restore  from  a  full 
backup  of  data  or  from  an 
incremental  or  selective  backup. 
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Once  the  administrator 
has  chosen  which 
database  to  restore, 
he  can  select  individual 
files  as  well. 
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Spyware 

continued  from  page  1 

Burton  Group. 

But  Burton  Group’s  stance 
toward  anti-spyware  gateways 
comes  with  several  provisos.  One 
is  that  organizations  might  want 
to  deploy  anti-spyware  software 
on  desktops  if  they  have  a  sub¬ 
stantial  number  of  mobile  desk¬ 
tops  that  can  become  infected. 
Burton  Group  urges  IT  managers 
buying  for  desktops  to  make  sure 
anti-spyware  products  integrate 
with  other  technologies,  such  as 
network  admission  controls  and 
anti-virus  defense. 

Using  both  gateway  and  desk¬ 
top  software  anti-spyware  will  in¬ 
crease  protection  but  clearly  adds 
costs  that  could  be  hard  to  justify 
under  a  tight  budget,  a  Burton 
Group  report  notes.  “The  added 
cost  and  inconvenience  of  run¬ 
ning  redundant  systems  may  not 
be  justifiable  for  the  low-risk  sys¬ 
tems  associated  with  spyware,”  the 
report  says. 

In  all,  Burton  Group  says  any 
organization  that  considers  its 
network  environment  “low-risk” 
may  want  to  forgo  buying  anti-spy- 
ware  protection  at  all  (see  graph¬ 
ic).  That’s  because  the  anti-spy- 
ware  market  is  still  young.  Industry 
consolidation  is  expected  to 
occur  quickly 

There  are  an  estimated  35,000 
species  of  spyware,  with  more 
spawned  every  day  But  security 
vendors  don’t  have  the  same 
name  or  classification  systems.  At 
Symantec,  whose  traditional 
strength  has  been  anti-virus,  the 
Trojans,  bots  and  worms  are  clas¬ 
sified  as  “malicious  code.”  But  “spy- 
ware”  is  simply  “any  program  you 
probably  don’t  want  on  your 
machine,”  whether  it  be  dialers  or 
adware,  says  Symantec’s  director 
of  security  response,  David  Cole. 

He  notes  this  definition  is  dif¬ 
ferent  from  that  accepted  by  the 
“pure  play”  anti-spyware  prod¬ 
uct  vendors  without  the  anti¬ 
virus  background,  which  classi¬ 
fy  bots,  Trojans  and  keyloggers 
as  spyware. 

In  any  case,  detection  mecha¬ 
nisms  for  these  thousands  of  dis¬ 
puted  spyware  types  can  be  ex¬ 
pected  to  improve.  The  Network 
World  test,  for  example,  found  a 
top  detection  and  eradication 
rate  to  be  at  90%,  achieved  by  the 
McAfee  Secure  Web  Gateway 

Few  expect  demand  for  spyware 
products  to  stay  small  for  long. 
Radicati  Group, a  consultancy  esti- 


Weighing  spyware 
defense  strategies 

Lower-risk  networks 

•  Cost  of  absolute  security  from 
spyware  may  exceed  cost  of 
occasional  infestations. 

Higher-risk  networks 

•  Place  protection  at  gateways.  Less 
expensive  than  desktop  mitigation, 
consumes  fewer  resources,  readily 
controlled.  Partially  effective  but 
reduction  is  significant,  cost  is 
low. 

•  Protection  on  user  workstations. 
Especially  important  to  organ¬ 
izations  with  large  mobile  work¬ 
forces. 

•  Protection  at  both  workstation 
and  gateway.  Increases  effective¬ 
ness  but  adds  cost,  which  may 
not  be  justifiable  for  some 
organizations. 

SOURCE:  BURTON  GROUP 


mates  the  market  is  at  about  $100 
million  today  and  wilk  rise  to 
more  than  $1  billion  in-the  next 
four  years. 

Users  agree  they’ll  be  spending 
more  whatever  strategy  they 
choose.  Although  his  budget  is 
strained  by  other  IT  expenditures, 
including  an  e-commerce  over¬ 
haul,  Erik  Goldof,  IT  systems  man¬ 
ager  at  HoneyBaked  Ham,  says 
the  spyware  threat  is  big  enough 
that  he’s  trying  to  determine 
which  protection  would  be  best 
for  his  company 

“Spyware  steals  CPU,  and  multi¬ 
ple  adware  products  on  the  desk¬ 
top  bring  it  to  a  halt,”  at  the  spe¬ 
cialty  foods  supplier  in  Norcross, 
Ga.,  Goldof  says.“What  gives  them 
the  right  to  do  this!” 

Even  public  schools  now  feel  an 
urgency  about  combating  spy- 
ware. 

The  Northern  Buckeye  Educa¬ 
tional  Council,  in  Archbold,  Ohio, 
provides  technology  support  and 
Internet  services  to  37  K-12  pub¬ 
lic-school  districts  in  the  state. 
Duane  Baker,  CTO  for  the  group, 
says  IT  administrators  found  it 
appalling  to  discover  that  school- 
children’s  laptops  were  infested 
with  spyware,  which  relayed  chil¬ 
dren’s  Web  activity  to  unknown 
sources.  “These  kids  click  on 
things  and  they  get  it,”  Baker  says. 

Student  laptops  were  becoming 
so  clogged  with  spyware  they 
downloaded  —  Claria’s  adware 
Gator  is  well-known  to  Ohio  offi¬ 


cials  —  the  state’s  network  saw 
bandwidth  congestion,  while  offi¬ 
cials  felt  growing  concern  that 
children’s  personal  data  might  be 
stolen  by  some  spyware  code. 

“We  just  don’t  think  this  is  even 
legal  under  the  Family  Educa¬ 
tional  Rights  and  Privacy  Act,” 
Baker  says.  Because  students  are 
minors,  it’s  doubtful  the  law 
would  recognize  a  legal  right  to 
consent  to  download  adware  any¬ 
way  he  says. 

Nevertheless,  as  Ohio  education 
practices  support  children’s  use 
of  Internet  resources  via  the 
state’s  network,  the  Northern 
Buckeye  Educational  Council  de¬ 
cided  to  combat  its  massive  spy- 
ware  problem  by  licensing  10,000 
seats  of  software  from  Webroot  for 
use  by  kids  in  the  K-12  schools. 

Even  as  anti-spyware  product 
vendors  hope  to  find  the  right  fit 
for  corporate  networks,  so  too, 
some  of  the  vilified  adware  com¬ 
panies  are  trying  to  do  the  same 
—  in  their  own  way 

The  maker  of  a  Web  search  assis¬ 
tant  tool  that  serves  up  ads  based 
on  site  visits  to  20  million  active 
users,  180solutions,  announced 
last  week  it  has  undertaken  a 
shake-up  intended  to  prevent 
what  it  calls  misuse  of  its  software. 

“The  whole  goal  is  to  clean  up 
the  distribution  channel,”  says 
Sean  Sundwall,  corporate  commu¬ 
nications  director  at  ISOsolu  tions. 

In  July  he  says,  180solutions  set¬ 
tled  a  lawsuit  against  Internext 
Media,  which  paid  an  undis¬ 
closed  amount  for  allegedly  fail¬ 
ing  to  properly  enforce  what 
180solutions  describes  as  its 
“Code  of  Conduct,”  which  distrib¬ 
utors  of  the  search  assistant  soft¬ 
ware  are  supposed  to  follow  in 
getting  user  consent. 

In  addition,  180solutions  seeks 
to  “crack  down  on  rogue  installa¬ 
tions”  of  its  adware,  terminating 
more  than  500  of  its  8,000  distrib¬ 
ution  partners  and  turning  away 
eight  of  10  new  applicants  unwill¬ 
ing  to  abide  by  the  company’s 
guidelines  on  user  consent. 

New  versions  of  its  software, 
which  distributors  are  expected 
to  adopt  by  year-end,  will  use  a  dif¬ 
ferent  method  to  deliver  ads  by 
calling  the  180solutions  servers 
directly  The  goal  at  18Qsolutions: 
to  be  considered  a  “low-level 
threat.”* 
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Going  deep 


Here's  how  the  record-setting  toss  at  last  month's  Mobile  Phone  Throwing  World  Championships 
compares  with  other  distance  records. 


Shot  put  (Randy  Barnes,  U.S.,  1990):  76  feet 


Boomerang  (David  Schummy,  Australia,  2005):  1,401  feet  — 


© 


Mobile  phone  (Mikki  Lampi,  Finland,  2005):  312  feet 
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■  Javelin  (Jan  Zelezney,  Czech  Republic,  1996):  323  feet, 

HFL  pass  completion  (done  eight  times,  most  recently  by  Brett  Favre/Robert  Brooks,  U.S.,  1995):  297  feet 


Throwing 

continued  from  page  1 

about  3,000  spectators,  mainly 
Finns,  and  about  90  contestants, 
largely  from  Europe  but  with  a 
few  intrepid  Australians  and 
Canadians  thrown  in.The  sport 
hasn’t  caught  on  yet  in  the  U.S., 
not  even  in  Boston,  where 
Alexander  Graham  Bell  complet¬ 
ed  the  first  phone  call. 

Sponsorships  have  been  hard 
to  come  by  but  at  least  costs  are 
low. The  essentials  are  a  basket  of 
discarded  and  broken  cell 
phones,  an  open  space  (in  Fin¬ 
land,  an  athletic  field,  but  the 
Dutch  championships  were  at  a 
beach),  chairs  for  the  three 
judges,  measuring  tape,  and,  of 
course,  a  Web  site.  Backers  have 
included  one  of  Finland’s  lead¬ 
ing  beer  makers  and  a  licorice 
company 

Cell  phone  makers,  meanwhile, 
have  steered  clear.  Even  giant 
Nokia,  which  is  based  in  Finland, 
has  not  yet  seized  on  the  event. 
Nor  would  the  company  com¬ 
ment  for  this  story 


Germany’s  Siemens,  while 
acknowledging  the  annual 
throwing  event  makes  for  a  “light¬ 
hearted  stoty’ concentrates  “on 
very  few  sponsoring  activities 
leveraging  our  brand  value,”  a 
spokeswoman  says. 

The  fact  that  this  year’s  men’s 
champ,  Mikko  Lampi,  a  23-year- 
old  window  maker  from 
Vilppula,  Finland,  hurled  a 
Siemens  cell  phone  a  record  104 
yards  apparently  doesn’t  qualify 
as  brand-value  leverage.  But 
Siemens  did  express  satisfaction 
at  the  superior  aerodynamics  of 
its  product  line.“We  are  happy  to 
observe  that  even  after  the  end 
of  [the  phone’s]  life,  our  prod¬ 
ucts  still  excel  through  quality’ 
the  spokeswoman  says. 

Birth  of  a  quirk 

The  event  was  launched  six 
years  ago  by  Christine  Lund,  who 
works  at  Fennolingua,  a  transla¬ 
tion  agency  in  Savonlinna,  about 
200  miles  northeast  of  Helsinki. 

•  She  got  the  idea  when  she 
dropped  her  own  mobile  phone 


into  a  lake.  Her  insurance  com¬ 
pany  told  her  there  were  thou¬ 
sands  of  mobile  phones  in 
Finnish  lakes,  which  are  ice¬ 
bound  much  of  the  year. 

She  also  drew  inspiration  from 
the  fact  that  Finns  are  among  the 
most-prolific  mobile  phone  users 
on  the  planet,  and  are  continual¬ 
ly  upgrading  to  spiffier  handsets, 
leaving  behind  a  growing  pile  of 
old  ones. 

In  any  case,  Lund’s  company 
was  launching  a  new  translation 


service,  and  she  hit  on  the  idea 
of  phone  throwing  champi¬ 
onships  as  a  way  to  draw  atten¬ 
tion  to  it,  and  to  encourage  recy¬ 
cling  of  old  phones. 

People  just  like  throwing  them, 
she  says,  as  a  way  of  working  out 
the  ambivalence  the  devices 
introduce  to  modern  life. 

“If  you  want  to  reach  your 
loved  one,  he  never  replies,”  she 
says.“Or  you’re  always  waiting  for 
that  important  call.  Or  the  batter¬ 
ies  run  low.  It’s  a  tool,  but  one  we 
feel  frustrated  by’ 

The  unfurling  hurl 

The  thrill  of  the  hurl  seems  to 
be  spreading.This  year,  Germany 
Switzerland, The  Netherlands 
and  the  U.K.all  held  national 
mobile  phone  throwing  champi¬ 
onships.  Winner  of  the  women’s 
distance  throw  in  the  British 
games  was  Jan  Singleton,  a  pub¬ 
lic  relations  manager  with  GBO 
Bell  Pbttinger,  in  London. 
8thDayUK,  which  organizes 
leisure  and  entertainment  activi¬ 
ties,  combined  the  event  with  an 


invitation  to  recycle  old  mobile 
phones. 

Singleton  came  to  watch  at 
Richmond  Park  Golf  Course  in 
London,  and  decided  to  join  in. 
“Mobile  phones  can  cause  such 
stress  in  today’s  society  so 
chucking  one  down  a  field  is 
quite  therapeutic,”  she  says.The 
worst  is  when  the  battery  runs 
low:  It  never  gives  you  any  warn¬ 
ing.  It  just  bleeps  madly  and  then 
cuts  you  off.” 

She  had  her  revenge. 

An  enthusiast  of  badminton, 
tennis,  running,  cycling,  hiking 
and  skiing,  Singleton  used  for 
her  first  two  throws  a  style  based 
on  an  overhead  badminton 
clear,  which  is  an  over  arm  shot 
from  one  end  of  the  badminton 
court  to  the  other.  She  was  seri¬ 
ously  disappointed  in  the 
results.“Then  I  cottoned  on  to 
the  fact  that  putting  a  bit  of  a 
spin  on  it,  like  the  boys  were 
doing,  made  it  go  a  lot  further)’ 
she  says.  On  her  third  and  final 
throw,  the  Englishwoman  added 
some  body  English  and  the 
phone  sailed  for  127  feet,  setting 
what  was  then  a  new  women’s 
world  record. 

Singleton  couldn’t  attend  the 
World  Championships,  and  her 
record  fell  to  Finland’s  Marke 
Krok,  who  chucked  her  phone 
136  feet  to  win  the  women’s  divi¬ 
sion  and  set  a  new  world  record. 

But  distance  throwing  is  only 
half  of  this  event,  in  a  season  of 
odd  events,  which  includes 
swamp  soccer,  endurance 
sauna  sitting,  wife-carrying 
(which  reportedly  attracted  for¬ 
mer  NBA  star  Dennis  Rodman 
this  year),  and  air  guitar  con¬ 
tests.  Summer,  so  fleeting  this  far 
north,  seems  to  make  the  Finns 
a  bit  giddy. 

The  other  half  of  the  phone 
throwing  championship  puts 
giddiness  at  center  stage. This  is 


the  “freestyle”  event,  where 
judges  rate  contestants,  both 
individuals  and  teams,  on 
choreography,  style  and  original¬ 
ity  The  top  score  in  the  individ¬ 
ual  class  went  to  Sten 
Kiezenbrink,  of  Haaksbergen, 
The  Netherlands,  a  manager  at 
The  Phone  House,  an  arm  of 
one  of  Europe’s  biggest  mobile 
phone  retailers. 

He  dressed  up  as  his  company’s 
widely  known  mascot,  Mowbli,  in 
an  inflatable  mobile  phone  suit 
with  arms  and  legs.  He  put  a  pre¬ 
mium  on  spontaneity 

“I  didn’t  practice  at  all,”  he  says. 
“I  took  a  little  dance  and  then 
threw  myself  across  the  line  to 
the  ground.” 

Even  so,  he  barely  edged  out, 
by  a  single  point,  5-year-old 
Paavo  Kolari.of  Finland,  who 
dressed  up  as  a  pirate,  complete 
with  eye  patch. 

It  was  the  German  freestyle 
team, Team  Bielefeld/mobile 
fun,  that  lifted  this  year’s  cham¬ 
pionship  into  surreality.The 
members  wore  hats  that  were 
white  and  gold  replicas  of  the 
papal  miter  —  in  recognition  of 
Pope  Benedict  XVI,  the  first 
German  pope  —  and  towels,  in 
recognition  of  Finland’s  other 
national  pastime,  the  sauna. 
Phone  throwing  as  group  per¬ 
formance  art  won  them  77 
points,  blowing  past  their  near¬ 
est  rivals,  the  Austrians,  who 
collected  just  16.H 


Got  great  ideas? 


■  Got  a  suggestion  for  a  Wider  Net 
story?  An  offbeat  network  industry- 
related  topic?  A  fascinating  person¬ 
ality  we  should  profile?  Cnbct 

Bob  Brown  with  pur  ideas  it 
bbroim@Mw.fim 


“Mobile  phones  can  cause  such  stress 
in  today’s  society,  so  chucking  one 
down  a  field  is  quite  therapeutic.” 

Jan  Singleton,  a  public  relations  manager  with  GBO  Bell  Fbttinger  and  winner 
of  the  women’s  distance  throw  in  the  British  games 
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READY 


microsoft.com/security/it 

Microsoft 


Find  the  tools  and  guidance  you  need  for  a  well-guarded  network 
at  microsoft.com/security/IT 


Microsoft  Windows  XP  Service  Pack  2:  Download  it  for 
free  and  get  stronger  system  control  and  proactive  protection 
against  security  threats. 


►  Internet  Security  and  Acceleration  Server  2004:  Download 
the  free  120-day  trial  version  to  evaluate  how  the  advanced 
application-layer  firewall,  VPN,  and  Web  cache  solution  can 
improve  network  security  and  performance. 


W’: 


Microsoft 
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►  Microsoft  Risk  Assessment  Tool:  Complete  this  free,  Web-based 
self-assessment  to  help  ou  evaluate  your  organization's  security 
practices  and  identify  areas  for  improvement. 


Free  Tools  &  Updates:  Download  free  software  like  Microsoft 
Baseline  Security  Analyzer  to  verify  that  your  systems  are 
configured  to  maximize  security.  Manage  software  updates 
easily  with  Windows  Server  Update  Services. 
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Can  you  be  out  of  the  office  and  still  be  productive? 

(Only  if  you  have  the  right  equipment.) 


SMC  Barricade™  2804WBRP-G  Wireless 

Broadband  Router 

•  802.1 1  g  wireless  broadband  router  with 
built-in  USB  print  server 

•  Provides  a  convenient,  all-in-one  wireless 
networking  solution 

•  Combines  a  4-port,  1 0/1  OOMBps  dual-speed 
switch  with  Automatic  MDI-MDIX  feature 

•  Features  a  high-speed  54MBps  wireless  access 
point,  Stateful  Packet  Inspection  (SPI)  firewall  security, 
network  management  and  VPN  pass-through  support 


Netgear  WAG302  802.1  la/b/g 
ProSafe  Wireless  Access  Point _ 

•  Supports  both  5GHz  and  2.4GHz  54MBps 
radio  transmission 

•  Offers  up  to  108MBps  in  both  802. 11g  and 
802.11a  in  turbo  mode  to  support  up  to  128 
simultaneous  wireless  clients  in  the  same 
coverage  area 

•  Utilizes  AutoCelf'  RF  Technology 

•  Power  over  Ethernet,  802. 3af  compliant 


$8848 

CDW  558103 


NETGEAR  $314^* 

CDW  759523 


The  Mobile  Solutions  You  Need  When  You  Need  Them. 

If  security  concerns  have  held  you  back  from  making  your  workforce  more  productive  through  mobility,  it's 
time  to  turn  to  CDW.  With  access  to  the  largest  in-stock  inventories,  we  have  all  the  top  names  in  secure 
mobile  solutions.  Our  account  managers  can  quickly  answer  your  product  questions  and  guide  you  to  a 
solution  that's  right  for  you.  Plus,  get  your  order  shipped  out  fast.  So  why  wait?  The  sooner  you  call,  the 
sooner  you  can  go  mobile  with  confidence. 


Cisco6  Aironet  1231 _ 

•  802.1 1  b/g,  54MBps  wireless  access  point 

•  Supports  a  variety  of  clients  in  mixed  frequency 
and  mixed  throughput  environments 

•  Allows  single-  or  dual-radio  configuration  for 
up  to  54MBps  connectivity  in  both  the  2.4 
and  5GHz  bands 

•  Fully  compliant  with  the  IEEE  802.1 1  a, 

802.1 1  b  and  802.1 1  g  standards. 


$61946 

CDW  558198 


The  Right  Technology.  Right  Away. 

CDW.com  •  800.399.4CDW 
In  Canada,  call  888.898.CDWC  •  CDW.c 


Offer  subject  to  CDW's  standard  terms  and  conditions  of  sale,  available  at  CDW.com.  ©  2005  CDW  Corporation 


IN  financial  services,  it’s  the  volume  and  speed  of  stock  trades. 

In  telecommunications,  it’s  the  competitive  frenzy  to  serve  ever 
more  customers  with  ever  more  services. 

In  health  care  administration,  the  challenge  is  not  just  to  process 
payments,  but  also  to  prevent  fraud  and  maintain  strict  compliance 
with  new  government  regulations. 

All  global  enterprises  today  live  in  the  fallout  of  the  “data  explo¬ 
sion.”  They’ve  invested  millions  to  gather  and  store  potentially 
valuable  data.  But  they  are  increasingly  challenged  to  analyze  and 
process  this  data  quickly  and  turn  it  into  a  competitive  advantage. 

The  “data  explosion”  itself  isn’t  news — every  business  leader 
knows  there  are  more  data  sources  and  complex  data  queries  than 
ever  before.  And  the  stakes  keep  rising. 

Consider  the  financial  services  industry,  where  billions  of  dol¬ 
lars  are  on  the  line  and  the  decision-making  window  keeps  shrink¬ 
ing.  “In  the  past,  when  traders  competed  for  a  trade,  a  few  seconds 
meant  the  difference  between  winning  and  losing,”  says  Eric  Doyle, 
global  industry  manager,  financial  services,  at  Intel.  “Now,  with  the 
growth  of  programmed  trading,  seconds  are  an  eternity — it’s  mil¬ 
liseconds  that  mean  the  difference  in  who  wins  and  loses  a  trade.” 

THE  INFORMATION  CHALLENGE 

“Customers  today  don’t  have  the  challenge  of  having  enough 
data,”  says  Christopher  Buss,  director  of  business  intelligence  at  HP. 
“Being  able  to  identify  and  process  the  right  amount  of  data  is 
really  what  they’re  struggling  with.” 


THE  DATA  EXPLOSION  IS 
YOOR  OIGGEST  CHALLENGE 
OR  GREATEST  OPPORTUNITY 
—  THE  DECISION  IS  YOURS 


Sybase 

inU.  E 9 

invent 


POWERING  DATA  ANALYTICS 


CIO 


Custom  Publishing 


Among  the  issues: 

Sheer  numbers.  Informational  queries 
overwhelm  IT  staff  and  systems.  The  longer 
those  queries  take,  the  more  they  threaten 
the  operational  performance  of  the  organ¬ 
ization  and  compromise  service  level  agree¬ 
ments  (SLAs). 

Regulatory  compliance.  For  industries 
like  financial  services  and  health  care,  the 
need  to  meet  myriad  regulatory  require¬ 
ments — such  as  storing  more  data  for  longer 
periods  of  time — overwhelms  systems  and 
staffs,  diverting  time  and  energy  from  proj¬ 
ects  that  build  the  business. 

Cost.  More  complex  queries  mean  more  investments  in  storage 
hardware,  reporting  systems  and  staff  training.  “You  want  to  have 
a  balance  between  lowering  costs  and  making  data  as  speedy  and 
available  as  you  possibly  can,”  says  Kathleen  Schaub,  vice  president 
of  product  marketing  at  Sybase. 

THE  BUSINESS  OPPORTUNITIES 

Business  and  technology  leaders  have  long  tried  to  derive  value 
from  business  data,  but  traditional  methods  fall  short.  Relational 
database  management  systems  (RDBMSs),  for  example,  don’t  ade¬ 
quately  support  the  sophisticated  reporting  and  analytics  necessary 
for  quick  decision  making.  Data  warehouses  are  costly  in  terms  of 
time,  money  and  resources,  and  traditional  reporting  systems  can 
be  inefficient  and  expensive. 

But  it’s  not  just  an  IT  challenge.  “This  is  much  more  than  a  data 
management  issue  for  IT,”  says  Intel’s  Doyle.  “It’s  a  line-of-busi- 
ness  issue:  understanding  how  to  architect  an  infrastructure  that  can 
analyze  these  huge  data  sets  and  make  smarter  business  decisions 
in  ever  shorter  periods  of  time.  The  firms  that  make  the  best  use  of 
this  market  data  have  the  competitive  advantage.” 

Increasingly,  smart  business  leaders  are  turning  to  a  new  gener¬ 
ation  of  data  analytics  solutions  to  do  just  that. 

Collaboration  among  HP,  Intel  and  Sybase  drives  integrated 
reporting  solutions  that  enable  the  analysis  and  reporting  of  busi¬ 
ness  data  with  unprecedented  speed  and  cost-efficiency.  Sybase  IQ, 
running  on  64-bit  Intel®  Itanium®  2  processor-based  HP  servers,  can 


What  Is  Your 
Greatest  Data  Explosion 
Pain  Point* 

Too  much  data 
Too  many  regulatory  issues 
Existing  systems  too  unwieldy  and  expensive 
Current  analytic  tools  too  slow 

Post  your  answer  to  this  quick  poll  at 
www.networkworld.com/go/dataexplosion 


dramatically  accelerate  time-to-informa- 
tion  while  reducing  the  cost  and  complex¬ 
ity  of  data  management. 

The  Sybase  IQ  platform  running  on 
Itanium  2-based  HP  servers  gives  global 
businesses  the  means  to  capitalize  on  the 
data  explosion  through: 

Standardization.  Because  this  inno¬ 
vative  data  analytics  solution  is  built  with 
a  standards-based  relational  design  and 
easily  integrates  with  existing  systems,  it 
overcomes  the  complexity  that  strains 
many  IT  departments. 

Speed.  Using  a  column-based  structure 
and  running  on  64-bit  Itanium  2-based  HP  servers,  Sybase  IQ  deliv¬ 
ers  queries  up  to  roo  times  faster  than  an  RDBMS.1 

Compliance.  By  providing  a  platform  for  more  complete  analy¬ 
sis  and  reporting  along  with  easy  access  to  historical  data,  Sybase  IQ 
gives  businesses  tools  to  meet  regulatory  requirements. 

Cost  Reduction.  By  reducing  analytics  and  storage  costs  while 
minimizing  risk,  the  platform  contributes  to  a  healthy  bottom 
line.  Running  on  Itanium  2-based  HP  systems,  the  solution  scales  as 
user  loads  increase,  enabling  smarter,  faster  decisions  with  low 
cost  of  ownership.  Sophisticated  compression  algorithms  reduce 
storage  needs  by  30  to  70  percent.2 

In  this  post  “data  explosion”  world,  sophisticated  data  analytics 
are  a  necessity — not  a  luxury.  Innovative,  low-cost  solutions  that 
combine  extraordinary  speed,  agility  and  openness  make  it  easier 
than  ever  to  gain  value  from  the  data  you  have  today  while  driving 
faster  time  to  money. 


FOR  MORE  ON  THE  DATA  EXPLOSION 

Visit  www.networkworld.com/go/dataexplosion  for  white  papers, 
news  and  analysis,  and  check  out  the  interactive  webcast  featur¬ 
ing  experts  from  Sybase,  Intel  and  HP  in  an  engaging  discussion  of 
the  business  imperative  and  technology  tools  helping  global  enter¬ 
prises  turn  the  data  explosion  challenge  into  a  new  opportunity  to 
V^grow  their  business. 

'Source:  White  paper,  “Sybase  IQ — Improving  the  Economics  of  Business  Reporting", 

WWW.SybaSe.COm/COntent/lO324O4/LO2555_IQRepOrting_WEB.pdf 

2Source:  “Sybase  1Q\  an  evaluation  by  Bloor  Research,  www.sybase.com/detail?id= 103  5804 


ACTION  ITEMS 

Ulfhat  an  IT  Manager  Can  Do  About  the  Data  Explosion 


IT  managers  play  an  important  rale  in  execut¬ 
ing  solutions  that  turn  the  dat 3  explosion  into 
an  information  advantage.  Tactics  include: 

Evaluate  Needs.  Because  they're  on 
the  frontlines,  IT  managers  hav  the:  clear¬ 
est  idea  of  how  mi  :h  data  they  need  to 
store,  refresh  and  make  available  for  ever 
more  sophisticated  end  users  and :  ueries. 
Are  traditional  RDBMSs  fail  g  to  provide  the 
reporting  a:  !  analytics  that  more  demand¬ 
ing  queries  require?  Do  they  require  too 


much  query  tuning  and  storage? 

Consider  the  Next  Generation.  Sybase 
IQ,  running  on  Intel®  Itanium  2  processor- 
based]  HP  servers,  can  solve  many  of  the 
problems  associated  with  traditional  data 
management  solutions.  Consider  these:  new 
solutions  and  weigh  the  benefits  today  and: 
in  the  years  ahead. 

Recognize  the  Benefits.  IT  staff  will 
reap  the:  benefits  of  a  good  data  analytics 
solution,  especially  if  managing  and  optimiz¬ 


ing  queries  have  proved  overwhelming  in  the 
past:  The  Sybaso-Intel-HP  solution  can 
reduce  storage  needs  by  as  much  as  70 
percent  and  deliver  ad  hoc  query  perform¬ 
ance  up  to  1  .  times  fa  er  than  tradition¬ 
al  RDE  v/ISs. 

Leverage  Resou  ces.  Visit  www. 
netuvor!  world  :om  go/dataexplosion  for 

white  papers  and  case:  studies  that  offer 
other  tactical  approaches  to  understanding 
and  addressing  the  data  explosion. 
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ET  INFRASTRUCTURE 


SECURITY  ■  SWITCHING  ii  ROUTING  SVPNS  ■  BANDWIDTH  MANAGEMENT  m\IOlP  WIRELESS  LANS 


Sendmail  guards  e-mail 


I  F5  Networks  last  week  acquired 
WAN  traffic  acceleration  firm  Swan 
Labs  for  $43  million.  F5  plans  to  inte¬ 
grate  Swan  Labs'  technology  into  its 
BIG  IP  platform  for  LAN/WAN  traffic 
acceleration  and  SSL  VPN  accelera¬ 
tion.  The  Swan  technology  will  let  BIG 
IP  devices  better  support  branch 
offices  tied  to  a  corporate  main 
office  via  a  VPN  or  dedicated  WAN 
links.  Swan’s  WAN  Jet  products  are 
used  to  compress  and  optimize  appli¬ 
cation  traffic  to  run  more  efficiently 
over  lower-bandwidth  WAN  links,  F5 
says.  The  Swan  technology  gives  F5 
branch  office  support  capabilities 
similar  to  Peribit  Networks,  which 
Juniper  acquired  in  April,  and 
FineGround  Networks,  purchased  by 
Cisco  in  May. 

■  Symantec  has  issued  a  patch  for 
a  vulnerability  in  its  corporate  anti¬ 
virus  software  that  could  let  an  unau¬ 
thorized  person  access  a  company’s 
servers.  The  flaw,  in  version  9  of  its 
AntiVirus  Corporate  Edition  product, 
exposes  the  server  logon  name  and 
password  used  by  the  administrator 
who  authorizes  updates  to  the  soft¬ 
ware,  Symantec  says.  The  AntiVirus 
product  comes  with  a  LiveUpdate 
client  that  can  check  for  product 
updates.  After  the  client  receives  the 
updates  from  the  LiveUpdate  server, 
information  about  the  transaction  is 
stored  in  a  local  log  file.  The 
LiveUpdate  server  logon  and  pass¬ 
word  are  included  in  that  log  file  as 
clear  text,  Symantec  says.  The  patch 
is  available  from  www.networkworld 
.com,  DocFinder:  8828.  Symantec 
advised  customers  to  create  a  unique 
logon  and  password  for  accessing 
LiveUpdate  services,  rather  than 
using  the  same  administrator  logon 
that  provides  broader  system  access. 
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NEWS  ALERTS 

Hate  hunting  for  stories  on  a  spec 
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■COffl  HMyghcWrllM 

BY  CARA  GARRETSON 

It  seems  everyone  who’s  anyone  in  the  e- 
mail  security  world  is  getting  into  the  appli¬ 
ance  business. 

As  Sendmail’s  product  announcement 
this  week  illustrates,  appliances  that  sit  at 
the  gateway  are  becoming  a  popular  way 
for  companies  to  guard  against  email 
threats  while  performing  an  array  of  other 
services,  such  as  instituting  corporate  and 
regulatory  policies,  encrypting  sensitive  e 
mail  and  preventing  intellectual  property 
from  leaving  the  company  Sendmail  joins  a 
long  list  of  vendors  in  this  market;  some 
such  as  Symantec  and  Proofpoint  are  rela¬ 
tive  newcomers,  while  others,  including 
IronFbrt  and  BorderWare,  have  been  pro¬ 
moting  the  appliance  approach  for  years. 

Sendmail’s  Sentrion  e-mail  gateway 
appliance,  slated  for  release  in  early 
October,  takes  the  features  of  the  compa¬ 
ny’s  Mailstream  Manager  gateway  software 
and  makes  them  available  on  a  high-per¬ 
formance,  secured  appliance,  says  John 
Ore,  Sendmail’s  director  of  product  mar¬ 
keting.  As  with  many  other  products  in  this 
area,  Sentrion’s  modules  include  spam 
and  virus  protection,  connection  control 
that  throttles  back  messages  deemed  sus¬ 
pect,  policy  implementation  designed  to 
keep  communications  in  line  with  regula¬ 
tions  and  corporate  mandates,  and  the 
archiving  and  encrypting  of  messages. 
These  can  all  be  administered  from  a  Web 
interface,  Ore  says. 

“This  is  just  really  easy  to  set  up  and  get 
going,  even  if  you’re  not  an  e-mail  expert,” 
says  Tim  Boyer,  director  of  IT  at  manufac¬ 
turer  Denman  Tire,  which  is  beta  testing 
Sendmail’s  Sentrion. “And  now  I  have  a  sin¬ 
gle  place  where  I  can  put  all  my  [email] 
policies  in  place.” 


The  Age  of  Appliance 

In  2005,  e-mail  security  appliances 
that  sit  on  an  organization's 
gateway  to  filter  incoming  and 
outgoing  messages  will  eclipse 
hosted  services  in  popularity. 

Hosted  services 

Managed 
services  7% 

Anti*virus 
engines 

10% 

E-mail 
security 
appliances 

12% 


SOURCE:  THE  R  ADICATI  GROUP 


That’s  not  to  say  other  approaches  to  e- 
mail  security  are  going  away  Very  large 
organizations  prefer  to  get  their  e-mail 
security  in  software  form  so  they  can  cus¬ 
tomize  it  to  their  specific  needs,  while 
smaller  companies  like  the  no-fuss 
approach  of  managed  e-mail  services,  says 
Matt  Cain,  an  analyst  at  Gartner. 

Many  vendors  are  competing  on  multiple 
fronts.  Symantec  offers  e-mail  security  as  a 
software,  service,  or  via  an  appliance;  Ci- 
pherTrust  sells  its  IronMail  appliance  but 
also  offers  to  host  it  for  companies;  and  a 
number  of  companies,  including  Mail- 
Frontier,  Mirapoint,  Proofpoint,  SurfControl 
and  Tumbleweed,  sell  both  gateway  soft¬ 
ware  and  appliances.  The  purists  in  this 
market  include  the  companies  that  offer 


hosted  services,  such  as  Fbstini  and  Front- 
Bridge,  which  was  acquired  by  Microsoft 
this  summer. 

Appliances  tend  to  appeal  to  midsize 
companies  that  don’t  have  the  IT  staff  to 
configure  and  support  gateway  software, 
but  also  want  to  keep  the  management  of 
their  e-mail  under  their  own  roof,  Cain  says. 

“Customers  see  [appliances]  as  easier 
procurement,  one-stop  shopping  and  eas¬ 
ier  implementation,”  Cain  says.  Because 
an  appliance’s  operating  system  is  usual¬ 
ly  hardened.it  can  provide  a  high  level  of 
security,  while  software  would  require  sig¬ 
nificant  configuring  to  get  to  that  point, 
he  says. 

At  Community  Medical  Centers,  manager 
of  network  services  Rich  Cummins  wanted 
a  gateway  appliance  instead  of  software  to 
protect  the  inboxes  of  his  3,200  users.  He 
made  this  decision  last  year,  because  he 
didn’t  want  his  staff  spending  a  lot  of  time 
on  an  application  that  isn’t  critical  to  the 
company’s  business. 

“These  types  of  applications  don’t  really 
offer  any  business  benefit,  so  it’s  really  not 
an  application  I  want  to  spend  a  lot  of  time 
on  since  it’s  not  critical,  like  hospital  infor¬ 
mation  systems  are,”  Cummins  says.  “For 
these  security  types  of  applications,  if  I  can 
get  a  point  solution  that  out  of  the  box 
works  well . .  .then  my  team  can  spend  time 
on  more  critical  applications.” 

After  evaluating  a  number  of  gateway  soft¬ 
ware  products,  including  Brightmail,  which 
is  now  owned  by  Symantec,  Community 
Medical  Centers  went  with  Proofpoint’s 
Security  Gateway  appliance.“My  engineers 
loved  it  because  of  the  quickness  of  plug¬ 
ging  an  appliance  in,”  Cummins  says. 

Pricing  for  Sendmail’s  Sentrion  was  not 
announced.  ■ 


IMIogic  offers  messaging  virus  filter 


BY  JOHN  FONTANA 

With  viruses,  worms  and  malware  target¬ 
ing  instant  messaging,  IMIogic  last  week 
released  software  designed  to  thwart  infec¬ 
tion  and  the  spread  of  attacks. 

The  company’s  Real-Time  Threat 
Protection  System  (RTTPS)  is  a  proactive 
filtering  system  for  detecting,  deflecting 
and  eliminating  malicious  content  sent 


through  IM.  Company  officials  call  it  “pre¬ 
dictive  software"  aimed  at  choking  off  fast 
spreading  IM  viruses. 

RTTPS  features  a  traffic  filter  that  watches 
for  anomalies  or  patterns  that  could  signal 
the  work  of  a  virus,  such  as  rapid-fire  send¬ 
ing  of  messages.  It  also  looks  at  content  and 
embedded  links,  and  scores  them  against  a 
reputation  engine. 


“We  have  identified  a  business  need  for 
IM,”  says  Kyle  Getz,  director  of  IT  for  The 
Seattle  Times.“But  we  also  have  a  complete 
set  of  information  security  policies  for  the 
technology  that  we  use.”  Getz  says  those 
policies  are  currently  being  revised  to 
address  IM.As  part  of  the  effort,  the  compa¬ 
ny  is  in  the  process  of  rolling  out  RlTPS  to 
See  IMIogic,  page  24 
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Closing  the  door  on  Windows 


TOLLY  ON  TECHNOLOGY 

Kevin  Tolly 


A  month  or  so  back,  I  wrote  a 
piece  — “Does  the  OS  matter  any¬ 
more"  (www.networkworld.com, 
DocFinder:  8826)  —  positing  in 
essence  that  the  generic  nature 
of  key  applications  is  such  that 
the  underlying  OS  matters  less 
and  less  all  the  time. 

Around  the  same  time,  my  Sony 
Vaio  running  Windows  XP  bit  the 
dust  even  earlier  than  the  24- 
month  life  span  I’ve  come  to 
expect.  It  had  already  shown 
signs  of  “age“  with  frequent 
reboots  required  and  countless 
inexplicable  hangs.  They  say 


insanity  is  doing  the  same  thing 
over  and  over  and  expecting  dif¬ 
ferent  results.  So  instead  of  buy¬ 
ing  my  nth  Windows  machine,  I 
purchased  an  Apple  BowerBook 
G4.That  was  60  days  ago. 

In  case  you’re  busy  and  don’t 
have  time  to  read  the  entire  col¬ 
umn,  I’m  not  going  back  to 
Windows.  While  Microsoft  doesn’t 
make  any  particular  effort  to  help 
the  transition,  and  Apple  could  do 
more,  the  bottom  line  is  that  I’m 
able  to  get  my  work  done  more 
efficiently  with  fewer  crashes  and 
have  already  found  “richer"  pro¬ 
grams,  such  as  Apple’s  iWork 
Pages  (word  processor)  and 
Keynote  (presentation),  which  I 
expect  to  offer  me  more  than  their 
MS  Office  counterparts, 

My  previous  column  on  the 
topic  apparently  touched  a 
nerve,  as  it  subsequently  was  syn¬ 
dicated  (by  Network  World’s  par¬ 


ent,  IDG)  to  publications  from 
Europe  to  Australia.  While  reader 
response  was  overwhelmingly  in 
agreement,  it  is  important  to 
mention  the  comments  of  one 
corporate  developer.  He  said  that 
his  firm  relies  heavily  on  the 
automation  capabilities  of 
Microsoft  Office  that  are  based 
on  Visual  Basic  for  Applications 
—  not  something  you’ll  find 
today,  that  I  know  of,  on  Mac  or 
Linux.  If  you  are  in  that  category 
you  likely  are  stuck  where  you 
are  for  the  present. 

Despite  my  personal  attempt  to 
jettison  Windows,  my  company 
and  my  customers  are  still  tied  to 
Windows  systems  and  file  for¬ 
mats,  so  “Job  1  “  was  to  interface 
with  same. 

Fortunately,  many  systems 
already  offer  (supposedly  ven¬ 
dor-neutral)  browser-based 
interfaces.  Cranking  up  Apple’s 


Safari  browser,  I  was  able  to 
access  virtually  all  applications 
without  problem,  including  MS 
Exchange  via  Outlook  Web 
Access.  To  access  server-based 
applications,  I  downloaded  the 
Citrix  OSX  client,  and  within 
minutes  was  working  away. 

Tied  to  MS  Access,  a  Windows- 
only  application,  1  knew  that  I 
needed  to  run  a  virtual  Windows 
environment  on  my  Mac.  I  tried 
the  low-cost  iEmulator  1.7.6 
(from  the  company  of  the  same 
name),  and  while  I  could  get 
Windows  2000  to  load,  I  got 
nothing  but  bizarre  disk  access 
errors  from  the  applications  I 
tried  to  load.  I  bought  Microsoft’s 
Virtual  PC  7,  and  my  problems 
were  solved. 

While  I  originally  planned  to 
load  XP  as  my  “base"  after  scan¬ 
ning  Internet  message’  boards, 
Windows  2000  seemed 'the  way 


to  go  —  and  would  meet  my 
needs.  On  to  this  I  loaded  Office 
2000  Pro  (again,  enough  for  my 
needs)  and,  to  boot,  the  latest  ver¬ 
sion  of  MS.Net  Framework  Beta  2. 
Everything  worked  fine.  Best  of 
all,  the  Mac  hard  drive  looks  like 
a  network  drive  to  Virtual  PC, 
allowing  me  to  access  data  from 
either  system. 

So  what  don’t  I  like?  The  battery 
life  is  short  —  about  two  hours  — 
and  the  machine  runs  quite  hot. 
Of  course,  these  are  some  of  the 
reasons  that  Apple  has  linked  up 
with  Intel.  Finally,  full  Office 
Outlook  connectivity  is  a  chal¬ 
lenge  but  more  about  that  in  a 
future  column. 

Tolly  is  president  of  The  Tolly 
Group,  a  strategic  consulting  and 
independent  testing  company  in 
Boca  Raton,  Fla.  He  can  be 
reached  at  ktolty@tolly.com. 


Check  Point  eases 
security  update  steps 


IMIogic 

continued  from  page  21 

guard  against  viruses  and  worms. 

“Our  goal  is  to  minimize  attacks  and  this 
tool  seems  to  be  the  best  at  catching  what 
is  out  there,”  he  says. 

RTTPS  is  a  module  that  works  in  con¬ 
junction  with  IMlogic’s  IM  Manager,  which 
lets  users  secure,  log  and  audit  traffic  gen¬ 
erated  by  IM  clients  from  AOL,  Yahoo, 
Jabber,  Microsoft,  and  IBM/Lotus.  IMIogic 
competes  with  FaceTime  and  Akonix  to 
monitor  and  manage  IM  traffic. 

While  RTTPS  mns  on  the  corporate  net¬ 
work,  it  also  provides  information  to  the 
centralized  IMIogic  Threat  Center. 
Information  on  potential  threats  and  mali¬ 
cious  links  collected  by  the  network  of 
corporate  RTTPS  users  is  evaluated  and 
aggregated  at  the  Threat  Center  and  fed 
back  to  RTTPS  for  use  with  its  filtering 
engine,  much  like  updates  to  anti-vims 
engines. 

The  Predictive  Threat  Filter  uses  heuristic 
filters  to  identify  potential  threats  and 
block  them.  The  reputation  engine  evalu¬ 
ates  the  potentially  threatening  content 
and  provides  a  score  based  on  a  perceived 
level  of  risk 

The  software  also  can  be  configured  to 
redirect  hyperlinks  and  URLs  in  IM  mes¬ 
sages  to  an  internal  server  to  warn  users  of 
potential  risks. 

The  software  also  includes  white  list  con- 
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IM  stats 

From  April-June  2005,  the  IMIogic 

Threat  Center  recorded  a  jump  in 

threats  and  attacks  on  IM. 

A  2,747%  increase  in  reported  incidents  of  new 
IM/P2P  viruses,  worms  and  malicious  code, 
including  SPIM/malware. 

More  than  541  unique  IM/P2P  threats,  including 
IM-specific  attacks  and  “blended  threats"  that 
target  IM/P2P  applications. 

Eighty-six  percent  of  reported  incidents  include 
IM  virus  or  worm  propagation;  13%  are  known 
to  hjjack  IM  file  transfer  capability;  1%  utilize 
known  client  vulnerabilities. 

Kelvir,  Opanki  and  Gabby  worms  reported  as  the 
most  frequently  detected  IM  infections  in 
corporate  environments. 

SOURCE:  IMLOGIC  THREAT  CENTER 

trols  to  allow  certain  activity.  “Some  users 
are  worried  about  false  positives  because 
they  don’t  want  to  hinder  or  shutdown  IM 
for  a  false  positive,” says  Jon  Sakoda.CTO  of 
IMIogic.  Sakoda  says  RTTPS  also  includes 
IT  administrative  controls  for  defining  a 
quarantine,  which  can  be  to  notify  end 
users  of  a  malicious  URL,  block  the  URL, 
lock  out  the  user  or  shutdown  IM  com¬ 
pletely 

IMIogic  RTTPS  integrates  with  IMIogic  IM 
Manager  7.0  and  7.5.  The  7.5  version  sup¬ 
ports  monitoring  and  analysis  of  RTTPS 
traffic  directly  from  IM  Manager’s  adminis¬ 
trative  dashboard. 

The  software  is  available  now  and  pric¬ 
ing  starts  at  $10  per  user  per  year.  ■ 


BY  TIM  GREENE 

By  the  end  of  the  year  Check  Point  plans 
to  release  software  and  a  service  that  will 
let  customers  more  easily  update  its  secu¬ 
rity  platforms. 

Called  Universal  Updatability  the  soft¬ 
ware  will  apply  to  all  of  the  company’s  plat¬ 
forms,  says  Gil  Shwed,  chairman  and  CEO 
of  Check  Point.  He  says  they  include  secu¬ 
rity  software  for  individual  machines 
accessing  a  network  via  VPN  gateways  and 
internal  security  gateways  to  VPN  gear. 

This  is  the  latest  step  in  Check  Point’s 
grand  plan  announced  two  years  ago  to 
address  perimeter,  internal  and  Web  secu¬ 
rity  The  company  followed  up  by  issuing  a 
slew  of  new  products  to  meet  that  goal. 
This  spring.it  continued  by  adding  its  NGX 
management  software,  which  aims  to 
make  it  simpler  to  run  network  security 
day-to-day  and  to  update  software  on 
Check  Point’s  various  products. 

The  new  software  features  will  tie  togeth¬ 
er  updates  for  Check  Point  VPN-1,  Integrity 
endpoint  security  Connectra  SSL  VPN  gear, 
InterSpect  internal  security  gateway  and 
Eventia  analyzer  software,  which  gathers 
network  data  and  correlates  security 
events.The  software  will  be  augmented  by 
an  update  service  that  will  let  customers 
review  and  accept  new  features  and  have 
them  automatically  downloaded  to  the 
appropriate  Check  Point  products  in  cus¬ 


tomer  networks,  Shwed  says. 

For  instance,  if  there  is  a  defense  for  a 
newly  discovered  threat,  Check  Pbint 
could  distribute  an  update  to  defend 
against  it  that  might  be  applied  to  a  VPN-1 
gateway  or  to  IntraSpect.and  via  a  service, 
the  update  would  be  distributed  automat¬ 
ically  to  the  appropriate  devices,  Shwed 
says.“Everything  gets  updated  in  real  time, 
online,  without  the  limitations  of  other 
approaches,"  he  says. 

Check  Point  faces  challenges  from 
wealthier  competitors  Cisco  and  Juniper, 
which  are  also  trying  to  develop  compre¬ 
hensive,  unified  network  security  Both  have 
announced  their  own  broad  security 
schemes  that  involve  using  networking 
gear  to  enforce  policies  rather  than  adding 
security  devices  separate  from  the  net¬ 
working  gear,  as  is  Check  Point’s  strategy 

The  software  needed  to  carry  through 
on  Universal  Adaptability  will  be  a  minor 
release,  says  Shwed,  for  those  companies 
that  have  made  the  major  shift  to  NGX. 
Those  who  have  made  the  change  will 
find  the  new  upgrade  service  similar  to 
the  company’s  SmartDefense  services, 
which  distributes  new  software  to  Check 
Point  products,  but  in  a  more  cumber¬ 
some  way.  Shwed  says  somewhere 
between  15%  and  20%  of  Check  Pbint 
customers  subscribe  to  SmartDefense 
services.  ■ 
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Short  Takes 


■  LeftHand  Networks,  a  maker  of 
iSCSI-based  storage-area  network 
products,  says  it  has  received  $25 
million  in  new  venture  funding,  bring¬ 
ing  its  total  to  $75  million.  Valhalla 
Partners  led  the  round,  with  new 
participation  from  JPMorgan  Chase. 
The  funding  will  be  used  to  extend 
the  company’s  global  sales  and  sup¬ 
port  efforts,  LeftHand  executives 
say. 

■  Novell  last  week  announced  its 
SuSE  Linux  10  operating  system  will 
be  generally  available  early  next 
month  in  retail  or  online  stores.  The 
new  software  emphasizes  ease  of 
use  and  is  aimed  at  both  developers 
and  home  users,  according  to  the 
company.  Version  10  is  the  first  fruit 
of  the  openSuSE  project,  a  commu¬ 
nity  program  backed  by  Novell  and 
designed  to  evangelize  its  distribu¬ 
tion  of  Linux.  Novell  unveiled  its 
openSuse  project  at  the  LinuxWorld 
show  in  San  Francisco  last  month 
when  the  company  released  the 
first  public  beta  of  SuSE  Linux  10. 
SuSE  Linux  was  previously  known 
as  SuSE  Linux  Professional.  The 
new  operating  system  incorporates 
feedback  from  developers  garnered 
since  the  first  public  beta  was 
released  Aug.  9. 

■  Advanced  Micro  Devices  is  get 

ting  a  new  CTO,  as  Fred  Weber 
steps  down  to  pursue  other  interests 
and  Newisys  founder  Phil  Hester 
takes  over  the  job,  AMD  announced 
last  week.Weber,  who  is  credited 
with  leading  the  engineering  teams 
that  developed  AMD's  Opteron  and 
Athlon  64  processors,  will  leave  the 
company  after  a  transition  period  of 
several  weeks  and  will  then  focus  on 
new  entrepreneurial  opportunities, 
an  AMD  spokesman  said.  Hester 
has  several  goals  in  mind  for  AMD's 
future  processor  development.  He 
plans  to  work  on  building  versions  of 
Opteron  for  high-end  multiprocessor 
servers,  such  as  the  64-way  Opteron 
servers  that  are  in  development  at 
Newisys,  he  said. 


VoIP,  servers  to  the  rescue 


Emergency  911 


Oconee  County's  E911  system  is  a  model  for  the  rest  of  South  Carolina.  How 


D  A  call  comes  in  over  an  analog  or  VoIP  network  (once  the  VoIP  carriers'  vendors  perfect  the  routing 
capability)  through  a  series  of  Cisco  routers,  switches  and  firewalls.  It  is  handled  by  the  Power911 
Server  (Stratus  ft3300)  and  then  routed  to  the  appropriate  workstations  (HP  dc7100s). 

B  A  dispatcher  receives  the  call,  and  the  caller's  address  and  phone  number  appear  on  the  20"  desktop 
screen  and  are  also  automatically  entered  into  the  computer-aided  dispatch  system,  running  on  a 
Stratus  server. 

B  The  information  in  the  dispatch  system  is  integrated  with  local  and  remote  databases  through  multiple 
network  interfaces  and  firewalls  and  routers  from  Cisco. 

□  A  dispatcher  assigns  a  deputy  to  respond  to  the  call  via  radio. 


BY  JENNIFER  MEARS 

When  John  Murray  came  to  Oconee 
County  five  years  ago,  he  faced  a  daunting 
task:  overhaul  an  aged  emergency  91 1  sys¬ 
tem  that  included  a  hardware  platform 
from  the  1980s  and  radios  that  “were  older 
than  most  police  officers  in  our  depart¬ 
ment.” 

Today,  the  $2.5  million  communications 
infrastructure  that  Murray  designed,  with 
input  from  a  wide  range  of  county  offi¬ 
cials,  includes  fault-tolerant  hardware  and 
VoIP  capabilities  and  is  looked  upon  by 
the  state  of  South  Carolina  as  the  model 
other  county  governments  should  follow 
when  creating  advanced  E911  systems. 

“We  went  from  the  Wright  Brothers  tech¬ 
nology  to  exceeding  the  technology  of  the 
high-performance  Blackbird  military 
plane  in  one  quantum  leap,”  Murray  says. 
“We  did  that  not  only  at  the  hardware 
level,  but  also  at  the  software  level.” 

The  county,  nestled  in  the  extreme  north¬ 
west  corner  of  South  Carolina,  recruited 
Murray,  a  former  deputy  CIO  in  the 
Treasury  Department,  to  be  the  technical 
lead  on  the  project  in  early  2000.  The  first 
few  years  were  focused  on  creating  a  busi¬ 
ness  plan,  getting  funding,  completing  the 
communications  plan  and  getting  neces¬ 
sary  county  and  state  approvals. 

During  that  time,  Murray  formed  a  public 
safety  communications  advisory  commit¬ 
tee,  which  included  leaders  from  police, 
fire  and  emergency  organizations,  to  be 
involved  in  the  planning  process. 

“Because  if  1  give  you  the  best  whiz-bang 
technology  in  the  world,  and  it  doesn’t  do 
what  you  want  it  to  do,  it  doesn’t  serve  any 
purpose,”  Murray  says. 

Once  funding  was  in  place  and  an  over¬ 
all  communications  plan  was  approved, 
the  task  was  choosing  vendors.  Final  deci¬ 
sions  were  made  a  little  more  than  a  year 
ago,  and  the  first  phase  of  the  project, 
which  involved  putting  critical  emergency 
applications  on  three  fault-tolerant  Stratus 
servers  and  moving  everything  to  the  new 
Law  Enforcement  Center,  went  live  in  July. 

In  addition,  the  county  deployed  an  E91 1 
VoIP  package  that  it  is  beta  testing  with 
Positron  Public  Safety  Systems. 

“We’re  the  first  system  in  the  country  to 
go  with  voice-over  IP  for  91  l,”says  Murray. 


In  most  cases,  he  says,  emergency  calls  on 
VoIP  don’t  reach  911  centers,  because  of 
technology  problems  VoIP  providers  face 
trying  to  link  to  emergency  communica¬ 
tions  services  built  on  traditional  fixed- 
line  networks. 

“We’re  the  first  system  to  be  able  to  han¬ 
dle  not  only  the  standard  analog  tele¬ 
phone  calls,  but  VoIP  calls,”  Murray  says.“So 
we  can  take  either  a  data  network  stream 
or  an  analog  voice  stream.” 

Those  calls  are  then  routed  via  Cisco 
routers  and  patch  panels  to  13  dispatch 
stations  with  HP  PCs  using  20-inch  moni¬ 
tors.  When  dispatchers  enter  information 
into  the  system  during  a  major  emergency, 
it  also  is  logged  on  a  map  on  the  center’s 
48-  by  84-inch  plasma  screen,  which  shows 
the  availability  and  location  of  respon¬ 
ders. 

In  addition,  the  system  is  set  up  to  enable 
emergency  officials  to  do  “reverse  911” 
calls  to  alert  families  and  businesses  in 
areas  around  a  major  emergency  situa¬ 
tion,  Murray  says.  There  are  plans  to  link 
the  emergency  center  with  federal  data¬ 


bases  and  create  universal  interoperability 
with  other  public  safety  agencies,  he  adds. 

The  network  infrastructure  is  designed  to 
support  technology  for  years.  “We  wanted 
to  make  sure  that  we  didn’t  have  any  obso¬ 
lescence  built  in,”  Murray  says.  “Many 
times,  you  put  a  system  in,  and  then  when 
you  come  up  with  a  new  idea,  you  have  to 
change  it  to  do  something  new.  We  built 
this  system  so  we  wouldn’t  have  to  do 
that.” 

For  example,  if  a  grant  would  be 
approved  to  fund  computer  terminals  for 
the  county’s  nearly  100  patrol  cars,  “I  can 
do  that,”  Murray  says.“My  CAD  [computer- 
aided  dispatch]  software  has  a  module  to 
do  remote  data  entry  via  radio  or  tele¬ 
phone  interface,” he  says.“If  I  get  the  equip¬ 
ment,  I  can  build  the  capability  right  into 
this  system.” 

The  county’s  emergency  services  had 
been  running  on  an  old  AS/400  that  was 
prone  to  hiccups.  “And  the  software  that 
was  on  it  was  not  public  safety  software;  it 
was  a  software  package  written  by  a 
See  South  Carolina,  page  30 
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business  to  possibilities.  So  you  can  build  an  open 
enterprise  that  makes  sense  for  you  —  and  your  future. 
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CA  enhances  storage  management 


BY  DENI  CONNOR 

Computer  Associates  last  week  an¬ 
nounced  enhancements  to  its  storage  man¬ 
agement  software,  including  a  new  man¬ 
agement  console  and  support  for  more 


environments. 

The  company’s  BrightStor  rl  1 .5  is  a  set  of 
13  products  for  managing,  backing  up  and 
restoring  data  from  mainframes  and  dis¬ 
tributed  systems. 


South  Carolina 

finance  and  accounting  firm  . . .  that  was 
more  than  15  or  20  years  old,”  Murray  says. 

Dispatchers  worked  with  old  Compaq 
PCs  with  15-inch  screens. 

“What  we  were  looking  at  was  not  only 
upgrading  the  technology  but  I  was  trying 
to  develop  a  concept  in  this  center  of  no 
single  point  of  failure,”  Murray  says. 

As  a  result,  Murray  settled  on  Stratus 
fault-tolerant  servers  for  the  hardware  plat¬ 
form.  After  seeing  Stratus  machines  at 
major  banking  institutions  during  his  time 
with  the  Treasury  Department,  Murray 
knew  he  could  rely  on  the  systems  to  keep 
the  emergency  network  running. 

Fault-tolerant  servers  are  designed  with 
multiple  system  components,  such  as  I/O 
and  CPU  that  operate  in  lockstep,  so  that  if 
one  component  fails,  another  picks  up 
and  the  system  keeps  running.These  types 
of  servers  used  to  be  available  only  on 
expensive,  proprietary  hardware.  But  in 
recent  years,  vendors  such  as  Stratus  have 
begun  building  the  boxes  with  industry- 
standard  components.  The  three  ftServer 
3300  boxes  deployed  in  Oconee  County 


for  example,  are  Intel-based  and  run 
Windows. 

Murray,  who  has  one  other  full-time  IT 
staffer  to  help  him,  is  running  parallel 
operations  to  make  sure  systems  remain 
available  during  the  switch  to  the  new 
hardware  and  emergency  applications. 

“It’s  all  new  software,  and  we  still  haven’t 
completed  all  our  data  conversions,"  he 
says.  “That  should  probably  take  another 
year.” 

“The  reality  of  this  thing  is  it’s  an 
overnight  success  that  took  five  years,  and 
we’re  still  working  on  it,”  Murray  says.  “We 
still  have  probably  18  months  of  work  left 
to  do.”  ■ 
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One  new  component  is  Storage 
Command  Center,  which  gives  IT  staffs  a 
dashboard  for  managing  performance  and 
storage  resources  (see  graphic).  A  rules 
engine  will  allow  IT  to  establish  policies 
and  determine  upfront  what  business 
processes  are  going  to  be  affected  if  a 
device  fails,  the  company  says.The  product 
is  to  be  released  this  fall.  Pricing  has  not 
been  announced. 

CA  has  also  upgrad¬ 
ed  pieces  of  Bright¬ 
Stor 

•  An  expanded  ver¬ 
sion  of  ARCserve 
Backup,  data  protec¬ 
tion  software  for  dis¬ 
tributed  systems  that 
the  company  says 
now  has  easier  setup 

and  better  configuration  and  management 
tools.The  software,  which  starts  at  $775,  also 
has  simplified  disk-to-disk  and  disk-to-tape 
operations. 

•  Support  for  Sybase  databases,  Lotus 
Notes  and  SAP  (on  Linux), plus  Microsoft 
SharePoint,  in  Storage  Resource  Manager 
(SRM).The  SRM,  which  starts  at  $2,500, 
features  new  caching  technology  and 
the  capability  to  monitor  and  manage 
midrange  disk  subsystems  from  Sun, 
EMC  and  HP 

•  The  uniting  of  software  for  z/OS,  OS/390, 
MVS.VSE  and  VM  mainframe  environments 
under  a  single  graphical  management 


interface.  In  addition,  the  BrightStor  z/OS 
tape  management,  storage  resource  man¬ 
agement,  backup  and  allocation  products 
are  now  integrated  with  CAs  Unicenter 
ServicePlus  Service  Desk,  so  that  problem 
resolution  can  take  place  from  a  single 
point.  The  company’s  mainframe-based 
BrightStor  CA-Vtape  Virtual  Tape  System 
has  also  been  enhanced  to  include  disk 
buffer  management,  aimed  at  reducing 
resource  consump¬ 
tion  and  enhancing 
performance. 

BrightStor’s  sup¬ 
port  for  a  large  and 
growing  number  of 
storage  environ¬ 
ments  is  what  largely 
sold  Glenn  Exline  on 
the  software.  Exline, 
manager  of  advanced  technology  at  Patrick 
Air  Force  Base  in  Cape  Canaveral,  Fla., 
which  has  Windows  and  Solaris  servers  with 
internal  storage  attached  to  EMC  Clariion 
systems  via  Brocade  Fibre  Channel 
Switches. 

“When  we  initially  looked  at  implement¬ 
ing  a  storage-area  network,  one  of  the 
things  we  were  concerned  about  was  being 
able  to  manage  that  environment,”  Exline 
says.“BrightStor  was  the  one  tool  we  found 
that  was  the  most  vendor-agnostic” 
BrightStor  products  are  available  under 
several  pricing  schemes,  including  a  revised 
plan  based  on  terabytes  of  storage.  ■ 


“BrightStor  was  the 
tool  we  found  that 
was  the  most 
vendor-agnostic.” 

Glenn  Exline,  Patrick  Air  Force  Base 


View  the  latest  Websense  Security  Labs  webcast: 

" Six  Degrees  of  Spyware" 
www.  websensesecuritylabs.  com/webcast 


It's  no  surprise;  employees  are 
often  unaware  of  the  threats  that  put 
the  security  of  their  laptops — and  your 
network — at  risk  every  day. 


Websense  Remote  Filtering  extends  your 
usage  policies  to  the  mobile  workforce, 
keeping  you  protected  from  external 
web  threats  anytime,  anywhere. 


Close  the  security  gap. 

Download  your  free  evaluation  today. 
www.websense.com/remote 
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Sterling  Commerce  leads  the  world  in  helping 
businesses  collaborate  with  their  partners. 


Of  course,  we've  had  a  30  year  head  start. 


For  over  30  years,  Sterling  Commerce  has  led  the  industry  in  helping  successful  organizations  work  more 
effectively  with  suppliers,  subsidiaries  and  customers.  Now,  with  the  first  platform  to  meet  all  the  challenges 
of  real-world  multi-enterprise  collaboration,  Sterling  Commerce  can  help  you  achieve  end-to-end  visibility, 
and  real-time  control  over  shared  business  processes.  So  you  can  make  faster,  better-informed  decisions  to 
help  cut  costs  and  accelerate  time  to  market.  In  fact,  a  majority  of  the  world's  leading  companies  already 
depend  on  us.  That's  a  tough  act  to  follow.  Contact  us  today.  Or  visit  us  at  www.sterlingcommerce.com 
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Short  Takes 


■  As  it  prepares  to  consummate  its 
$200  million  merger  with  BEA 
Systems  Plumtree  Software  is 

going  ahead  with  plans  to  launch  a 
major  new  version  of  its  portal  soft¬ 
ware  at  its  user  conference  next 
month.  Plumtree  is  keeping  most  of 
the  technical  details  of  its  Plumtree 
6.0  platform  under  wraps,  but  the  new 
version  will  include  native  Java  and 
.Net  interfaces.  Plumtree  has  strug¬ 
gled  for  share  in  a  portal  market 
increasingly  dominated  by  applica¬ 
tions  and  middleware  giants  SAP  AG, 
IBM  and  Oracle,  which  often  sell  por¬ 
tal  software  as  an  add-on  to  cus¬ 
tomers  buying  from  their  broader 
software  stacks. 

■  Microsoft  last  week  renamed  its 
suite  of  next-generation  business 
applications  for  the  midmarket  and 
reiterated  plans  to  tie  them  together 
with  Office  on  the  front  end  and 
infrastructure  software  on  the  back 
end.  The  company  unveiled  Microsoft 
Dynamics,  the  evolution  of  Micro¬ 
soft’s  Project  Green.  Each  of  the  five 
Microsoft  business  applications  will 
be  rebranded  with  the  Dynamics 
name  as  the  products  are  upgraded 
on  their  regular  release  cycles.  The 
first  two  will  be  Great  Plains  9.0  and 
Microsoft  CRM  3.0.  They  will  ship  by 
year-end  as  Dynamics  GP  and 
Dynamics  CRM.  The  rest  of  the 
release  cycle  will  happen  in  2006,  with 
Dynamics  AX  (formerly  Axapta  4.0) 
set  for  release  before  July  1,  and 
Dynamics  NAV  (formerly  Navision 
5.0)  and  Dynamics  SL  (formerly 
Solomon  7.0)  slated  for  release 
before  year-end.  Observers  say 
Microsoft  is  playing  catch-up  with 
SAP  and  Oracle  to  provide  business 
software  to  the  midmarket  that  is 
designed  around  XML  and  the  Web 
services  concept  of  reusable  network 
services  as  part  business  process 
automation.  With  Dynamics, 

Microsoft  will  release  up  to  50  role- 
based  interfaces  for  such  Office 
applications  as  Outlook,  Excel  and 
Word  tailored  for  specific  workers 
from  sales  executives  to  warehouse 
managers. 


High-tech 

BY  JAMES  NIGCOLAI,  IDG  NEWS  SERVICE 

Almost  half  of  the  world’s  airlines  plan  to 
offer  some  form  of  in-flight  communication 
for  passengers  by  the  end  of  2007,  with 
most  favoring  Internet  access,  e-mail  and 
short  messaging  service,  according  to  the 
Airline  IT  Trends  Survey  released  last  week. 

Perhaps  surprisingly  more  than  one-third 
of  airlines  surveyed  also  say  they  expect  to 
let  passengers  use  mobile  phones  on 
planes  by  that  time,  according  to  the  survey, 
published  annually  by  SITA,  a  large 
provider  of  IT  services  to  the  air  transport 
industry 

“Mobile  telephony  —  which  is  the  least 


BY  JOHN  COX 

EAgency  last  week  released  updated  ver¬ 
sions  of  two  products  that  let  mobile  work¬ 
ers  wirelessly  update  CRM  and  other  cor¬ 
porate  data. 

The  main  change  is  that  both  applica¬ 
tions  —  Nice  Office  and  Wireless  Infor¬ 
mation  Exchange  (WIX)  —  from  eAgency 
now  support  the  latest  Microsoft  operating 
system  for  mobile  devices,  Windows 
Mobile  5.0,  in  both  the  Fbcket  PC  and 
SmartPhone  versions. 

With  Nice  Office  customers  push  a  subset 
of  data  to  eAgency’s  servers,  and  mobile 
users,  including  business  partners  and  cus¬ 
tomers,  can  synchronize  not  just  e-mail  and 
contacts  but  CRMs,  sales,  inventory  and 
other  critical  data. 

As  a  hosted  Web  service,  Nice  Office  can 
work  with  existing  hardware,  both  hand¬ 
held  and  desktop,  and  doesn’t  require 
costly  data  integration,  according  to  com¬ 
pany  executives. 

WIX  is  server  software  behind  a  corpo¬ 
rate  firewall,  which  lets  mobile  users 
access  a  company’s  stock  of  SQL-based 
reports  such  as  sales  forecasts,  clients,  and 
paid  and  pending  commissions.  A  small 
client  program  runs  on  the  handheld  or 
laptop  and  manages  the  connection  and 
data  transfer  with  the  WIX  server.  Users  see 
a  set  of  icons  for  their  authorized  reports, 
click  on  one,  and  the  server  triggers  the 
SQL  query  to  the  backend  database.  The 
results  are  returned  to  the  mobile  device 
for  display 

The  new  release  of  WIX  works  with 


air  travel 

mature  and  probably  the  most  controver¬ 
sial  option  —  will  be  embraced  by  36%  of 
airlines  by  2007,  which  is  quite  remarkable 
considering  the  product  is  not  yet  avail¬ 
able,”  says  Peter  Buecking,SITAs  president. 

The  findings  are  based  on  responses  from 
senior  IT  executives  at  the  world’s  top  200 
airlines,  as  well  as  big  players  in  cargo  and 
other  markets,  said  SITA,  which  has  head¬ 
quarters  in  Geneva.  The  airlines  that 
responded  account  for  two-thirds  of  the 
world’s  airline  revenue,  it  says. 

The  communication  services  are  de¬ 
signed  to  snag  new  customers  and  build 
loyalty  at  a  time  when  many  airlines  are 


Research  in  Motion’s  BlackBerry  Enter¬ 
prise  Server.That  support  means  wireless  e- 
mails  and  attachments  can  be  pushed  out 
to  anyone  with  a  WIX  server  account. 

The  wireless  support  interested  indepen¬ 
dent  insurance  agents  representing  Aflac 
Insurance,  in  Burbank,  Calif.  In  a  two- 
month  pilot,  the  insurance  company  has 
replaced  paper  day  planners  and  cell 
phone  calling  lists  with  the  RIM 
BlackBerry  7520  PDA,  with  a  keyboard  and 
display  and  access  to  the  hosted  Nice 
Office  service.  Aflac  gets  the  usual 
BlackBerry  instant  e-mails,  but  also  can 
access  Aflac  customer  forms  and  a  variety 
of  company  reports  in  the  field  as  they 
work  with  clients  and  prospects,  without 
having  to  return  to  their  offices. 


soars 

struggling  to  turn  a  profit.  Airlines  also  are 
increasingly  turning  to  self-service  systems, 
such  as  online  ticket  sales  and  check-in 
kiosks,  to  cut  costs  and  move  customers 
through  airports  more  quickly  the  survey 
found. 

Seventy  percent  of  the  world’s  airlines 
now  sell  tickets  through  the  Internet,  and 
30%  of  all  tickets  issued  are  electronic,  up 
from  19%  a  year  ago,  SITA  says. 

Sixty  percent  of  the  airlines  questioned 
reported  using  self-service  kiosks.  Most  of 
those  are  tied  to  a  particular  airline  today 
but  many  will  be  general-purpose  kiosks  by 
See  Air  travel,  page  34 


“I  was  working  with  an  existing  client, 
and  I  didn’t  have  the  proper  paperwork 
with  me,”  says  Aflac  Associate  Michael 
Rinke.“I  picked  up  the  right  form  from  Nice 
Office  with  my  PDA  and  e-mailed  it  to  my 
client.  They  got  it  in  minutes,  and  we  took 
care  of  it  right  there.” 

Rivals  that  offer  some  parts  of 
eAgency’s  product  line  include  Sales- 
force.com’s  Salesforce  and  iEnterprise’s 
CRM  on  the  Go. 

The  hosted  Nice  Office  service  starts  at 
$50  per  month  per  user,  with  volume  dis- 
counts.The  WIX  server  is  $5,000  for  the  first 
20  users,  with  a  yearly  maintenance  fee  of 
18%.  Volume  discounts  also  apply.  The 
prices  of  the  new  versions  are  unchanged, 
and  both  are  available.  ■ 


Vendor  bolsters  wireless  CRM  offering 


Profile:  eAgency  Systems 


Location: 

Newport  Beach,  Calif. 

Eniinffoifl* 

lOII  II U  via  b 

2000 

Business: 

Nice  Office,  an  ASP-based  service  that  synchronizes  CRM,  sales  and  other  corporate  data 
over  wireless  nets,  between  mobile  devices  and  corporate  servers;  and  Wireless  Information 
Exchange  application  to  make  existing  SQL-based  reports  available  on  handhelds. 

Founder; 

Chairman  and  CEO:  Robert  Lotter,  named  Ernst  &  Young  Entrepreneur  of  the  Year  in  2000; 
formerly  headed  a  large  financial  planning  group  in  California. 

Finances: 

$18  million,  all  raised  privately. 

Customers: 

1,200  customers,  including  Financial  Health  Research  Institute,  Oasis  Insurance,  TSA 
Construction,  Allianz  Life  Insurance  Company  of  North  America,  Emergency  Physicians 
Insurance  Company. 

Fun  fact: 

Founder  Bob  Lotter,  an  Indiana  native,  collects  motorcycles  including  a  Russian  army  bike 
and  a  new  BMW. 

34  *  www.networkworld.com  •  9.12.05 


NET  INSIDER 
Scott  Bradner 


My  Internet  link  has  been  down 
for  the  last  five  days.  This  is  not 
any  kind  of  tragedy  along  the 
lines  of  what  has  been  happening 
in  New  Orleans  and  the  Gulf  area, 
but  it  did  bring  home  to  me  how 
dependent  I’ve  become  on 
Internet-based  resources  for  my 
daily  life. 

I  won’t  go  into  my  frustrations 
with  Verizon  other  than  to  say  that 
while  many  employees  there 
have  been  working  quite  hard  to 


Heading  for  a  fall  without  the  'Net 


get  my  line  back  up  again,  too 
often  that  work  has  involved  con¬ 
vincing  Verizon  higher-ups  that 
the  customer  (me)  actually  want¬ 
ed  his  service  restored. 

The  pattern  was  that  as  soon  as 
one  supervisor  was  convinced  to 
dispatch  someone,  there  would 
be  a  shift  change  and  the  con¬ 
vincing,  first  by  me  of  a  new  cus¬ 
tomer  agent,  then  of  the  new 
supervisor  by  the  customer  agent, 
would  have  to  be  done  all  over 
again.  As  I  submit  this,  the  line  is 
still  down  six  days  after  the  prob¬ 
lem  started  and  five  days  after  the 
line  became  unusable.  Note  that  I 
have  a  business,  not  consumer 
service.  I  have  no  idea  how  bad 
the  response  would  have  been  for 
a  consumer  DSL  line. 

I  haven’t  been  totally  without 


Internet  connectivity  I  have  been 
using  dial-up  since  the  problem 
started, but  it’s  a  bad  substitute  for 
the  always-on  T-l,and  the  dial-up 
does  not  support  mail  to  my 
sob@sobco.com  e-mail  address 
or  my  Web  site.  It  turns  out  that 
most  of  my  day-to-day  activities  at 
work  and  at  home  involve  access¬ 
ing  the  ’Net  in  some  way  A  lot  of 
the  use  is  mundane  and  person¬ 
al,  such  as  following  the  news, 
looking  up  miscellaneous  infor¬ 
mation,  including  phone  num¬ 
bers,  driving  directions  and 
movie  schedules;  listening  to 
music,  tracking  the  real-time  stats 
of  motor  races,  exchanging  e-mail 
with  my  sister  and  capriciously 
Googling  just  about  anything. 

Speaking  of  the  news,  I  feel  like 
I’m  in  the  news  Dark  Ages,  having 


gone  from  actively  seeking  news 
from  many  sources  on  topics  I 
find  interesting  to  being  at  the 
mercy  of  the  commercial  TV 
news  channels.  I’m  amazed  at  the 
random  topics  that  I’ve  gotten  in 
the  habit  of  Googling  based  on 
some  mention  in  the  news  or  on 
some  Web  page.  I  seem  to  be 
becoming  a  personification  of 
the  adage  of  knowing  more  and 
more  about  less  and  less,  but 
maybe  that  is  a  feature  of  the  Age 
of  Google  that  we  are  living  in.  I 
also  use  the  ’Net  extensively  in 
my  Harvard  day  job  (a  job  that 
does  not  stop  when  I  leave  the 
office).  I  have  to  keep  up-to-date 
concerning  security  topics  and 
threats  and  monitor  university 
activities.  I  also  need  good  con¬ 
nectivity  for  my  consulting  — 


researching  for  these  columns, 
looking  for  patent  prior  art, check¬ 
ing  out  new  companies  and  new 
technologies  and  so  on. 

I’m  embarrassed  to  say  that  I’ve 
been  caught  not  practicing  what  I 
preach:  I  have  neglected  my  back¬ 
up  Web  site  for  the  last  six  months, 
so  it’s  far  from  being  up-todate.  I’ll 
be  happy  when  (if?)  Verizon  gets 
my  connectivity  back  and,  at  least 
for  a  little  while,  may  recognize 
my  current  state  of  dependency 

Disclaimer:  Harvard  has  no 
opinion  that  I  know  about  my  T-l 
outage,  so  the  above  represents 
my  own  thoughts. 

Bradner  is  a  consultant  with 
Harvard  University’s  University 
Information  Systems.  He  can  be 
reached  at  sob@sob.com. 


Sybase  readies 
revamped  database 

BY  STACY  COWLEY,  IDG  NEWS  SERVICE 

Sybase  is  preparing  to  release  this  week  a  major  new  version  of  its 
database  software,  Adaptive  Server  Enterprise  15.The  update  offers  cus¬ 
tomers  greater  security  and  scalability  features,  with  significant 
advances  in  areas  such  as  encryption  and  manageability,  according  to 
the  company 

One  key  feature  in  ASE  15  is  a  new  query-processing  engine  intended 
to  lower  users’  operating  costs  and  improve  performance.  Customers 
are  no  longer  using  databases  only  for  transactional  processing; 
increasingly  they’re  simultaneously  running  analytics  software  to  mine 
stored  information.  ASE  15’s  new  engine  is  designed  to  handle  the  per¬ 
formance  demands  of  mixed  workload  environments  running  both 
online  transaction  processing  applications. 

In  a  white  paper  posted  on  its  Web  site,  Sybase  details  its  host  of  opti¬ 
mization  changes  to  the  engine,  which  include  new  hashing  and  data 
partitioning  techniques,  technology  to  help  shape  complex  queries  for 
faster  execution  and  parallel  query  features  enabling  simultaneous  use 
of  multiple  processors  so  that  hardware  will  be  used  more  efficiently 
Such  changes  can  save  money  by  reducing  staff  resources  and  time 
needed  to  maintain  Sybase  databases. 

Data  security  is  another  focus  area.  ASE  15  introduces  a  new  on-disk 
encryption  system  intended  to  protect  data  without  requiring  applica¬ 
tion  modifications.  It  includes  a  permission-based  security  system  for 
encryption  keys,  providing  them  only  to  designated  users. 

Sybase’s  current  ASE  architecture, Version  12.5,  debuted  in  2001  and 
received  its  last  serious  overhaul  18  months  ago,  to  Version  12.5.2.  ASE 
15  has  been  in  beta  testing  for  more  than  a  year.  The  new  version  is 
scheduled  for  a  formal  launch  Sept.  15  and  also  will  begin  shipping  to 
customers,  says  Raj  Nathan,  senior  vice  president  of  Sybase’s  IT  group. 
An  ASE  15  version  of  Sybase’s  free,  more  limited  database,  ASE  Express 
for  Linux,  will  follow  within  90  days,  he  says. 

In  the  relational  database  management  system  market,  Sybase  is  a 
small  player.  Research  firms  Gartner  and  IDC  each  estimate  Sybase’s 
2004  market  share  at  around  3%,  compared  with  the  commanding  40% 
shares  held  by  market  leaders  IBM  and  Oracle.  Microsoft  trails  distantly 
in  third  but  holds  a  double-digit  market  share.  Sybase  has  a  strong 
foothold  in  the  financial  services  and  banking  markets.  ■ 


Air  travel 

continued  from  page  33 

2007,  where  passengers  can  check 
in  with  any  airline,  SITA  found. 

More  passengers  also  might  be 
able  to  print  boarding  passes 
before  leaving  for  the  airport,  a 
measure  that  could  reduce 
crowding  at  airline  counters. 

That’s  because  almost  two-thirds 
of  airlines  say  they  plan  to  introduce  bar  codes 
on  tickets,  rather  than  magnetic  strips,  by  the  end 
of  2007. 

The  bar  codes  also  could  allow  passengers  to  pre¬ 
sent  their  boarding  passes  at  the  gate  on  a  mobile 
phone  or  PDA  rather  than  using  a  paper  copy. 

Paul  Coby,  SITAs  chairman  and  the  CIO  at  British 
Airways  PLC,  says  airlines  will  be  “the  world’s  first 
fully  Web-enabled  industry?’ 

Life  will  only  improve,  of  course,  if  the  technologies 
work.The  high-profile  failure  of  a  computerized  bag¬ 
gage  system  at  Denver  International  Airport  showed 
that  things  don’t  always  go  as  planned.  That  system 
cost  millions  of  dollars  and  a  decade  to  build,  but  it 
is  due  to  be  scrapped  this  year,  in  part  because  it 
damaged  or  lost  too  many  bags. 

Nor  is  the  rate  of  advance 
evenly  distributed.  Airlines  that 
are  strapped  for  cash  or  unwill¬ 
ing  to  spend  will  create  a  world 
of  “haves  and  have  nots,”  SITA 
says.  That’s  bad  news  for  the 
industry,  since  airlines  that  switch 
to  electronic  tickets  only,  for 
example,  must  still  interact  with 
paper-based  systems  at  technolo¬ 
gy  laggards. 

“Even  in  North  America  and 
Europe  there  are  several  airlines 
that  are  struggling  financially  mak¬ 
ing  it  hard  for  them  to  keep  up 
with  the  technology  pace-setters,” 


Buecking  says. 

In  the  Asia  Pacific,  by  contrast, 
technology  investments  are 
strong  thanks  to  growing  ticket 
sales.  Asia  Pacific  airlines  are 
now  the  leading  innovators, 
according  to  the  survey  particu¬ 
larly  with  communications  ser¬ 
vices  for  business  travelers. 

Still,  North  America  already  had 
a  considerable  lead,  so  other 
regions  are  playing  catch-up.  Sixty-three  percent  of 
tickets  in  North  America  are  sold  through  online 
channels,  compared  to  24%  in  Europe  and  10%  in 
Asia,  the  survey  found. 

The  report  didn’t  discuss  one  of  the  biggest 
annoyances  for  airline  passengers:  being 
bumped  from  overbooked  flights.  Nor  is  technol¬ 
ogy  likely  to  improve  that  much,  since  it  results 
from  business  decisions  at  the  airlines,  says 
James  Fremantle,  an  adviser  with  the  Air 
Transport  Users  Council,  a  U.K.  consumer  watch¬ 
dog  for  the  airlines  industry. 

Many  airlines  sell  a  number  of  higher-priced, 
flexible  tickets  that  allow  travelers  to  cancel  or 
switch  flights  at  the  last  minute.  To  compensate 
for  those  cancellations  and 
other  no-shows,  airlines  over¬ 
book  planes  to  ensure  all  their 
seats  are  full. 

The  Air  Transport  Users 
Council  does  not  take  a  nega¬ 
tive  view  of  this,  Fremantle 
says.  Selling  the  premium-rate 
tickets  and  ensuring  planes  are 
full  helps  airlines  offer  lower 
fares  overall,  he  says. 

Better  technology  could  help 
reduce  bumping  to  some  extent, 
by  helping  airlines  build  more 
accurate  models  for  determining 
how  much  they  need  to  over¬ 
book  flights.  ■ 


High-tech  flyers 

Airlines  sell  30%  of  all  tickets 
electronically,  up  19%  in  the 
past  year,  while  70%  of  the 
world's  airlines  now  sell  tick¬ 
ets  through  the  Internet. 

SOURCE:  SITA 
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DemFall 

Join  the  leaders  Sept.  19-21  at  DemoFall 
2005  —  where  the  brightest  minds 
unveil  the  most  exciting  new  technology 
products.  Experience  unparalleled  innova¬ 
tion,  and  network  with  powerful  journal¬ 
ists,  analysts  and  venture  capitalists. 
Register  now! 
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R  PELS  INTRUDERS, 
EMBRACES  SIP  PROTOCOL 


Moving  to  VoIP  shouldn’t  create  security  issues  for  your  business.  It 
should  eliminate  them.  That’s  why  the  Zultvs  MX250  IP  PBX  runs  on 

a  real-time  Linux  operating  system  that  is 
secure:  and  not  vulnerable  to  attack.  And, 


since  encryption  is  a  standard  feature,  it  is  impossible  for  anyone  to  intercept 
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sensitive  communications.  Best  of  all,  the  Zultys  MX250  does  all  this 
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straight  out  of  the  box.  To  learn  more  about  ZULTYS 


adding  secure  VoIP,  access  www.zultys.com/nw. 
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?'  2005' Zultys  Technologies'. 


VoIP  vs.  VolQ 


Trust  us,  it's  an  unbelievable  number. 


It's  8am.  Guess  how  many  attacks  hit  your  network  la  t  night. 


:■  - 


Get  all-in-one  protection  for 
viruses,  spyware  and  more 
with  the  SonicWALL  Unified 
Threat  Management  Solution 


But  how  do  you  get  enterprise-class  security  without  blowing  your  budget?  SonicWALL®  has  the  answer. 

We  take  state-of-the-art  network  security  and  make  it  simple,  reliable  and  affordable.  So  you  can  feel  secure. 


Take  our  Unified  Threat  Management  Solution.  It's  real  network  security  that  delivers  intelligent,  real-time 
protection  against  the  most  sophisticated  new  viruses,  spyware  and  network  attacks.  It  combines  a  powerful, 
deep  packet  inspection  engine  with  a  continuously  updated  database  of  the  latest  attack  signatures. 
Comprehensive  security  in  an  affordable,  usable  package — that's  the  SonicWALL  answer. 


Take  the  guesswork  out  of  network  security.  For  more  details  on  our  Gateway  Anti-Virus,  Anti-Spyware, 

Intrusion  Prevention  and  other  threat  management  solutions  visit  www.sonicwall.com/home/gav.asp 
or  call  us  at  +1  888.557.6642. 

The  worldwide  leader  in  Unified  Threat  Management  is  hiring.  Visit  www.sonicwall.com  for  details. 

Around  the  clock,  around  the  world,  and  around  the  Web- 

SonicWALL  is  there  for  you . 
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BellSouth  works  to  repair  damage 

Carrier  recovers  half  of  lines  knocked  out  by  hurricane;  cost  estimates  at  $600  million. 


BY  JIM  DUFFY 

BellSouth  says  the  cost  of  repairing  dam¬ 
age  to  its  network  from  Hurricane  Katrina 
could  reach  $600  million. 

The  carrier,  which  serves  a  nine-state 
region  in  the  Southeast  —  including  the 
hurricane-torn  states  of  Louisiana,  Miss¬ 
issippi  and  Alabama  —  says  it  lost  810,000 
lines,  roughly  one-sixth  of  the  4.7  million 
lines  BellSouth  has  in  service  in  the  area. 
Earlier  this  week,  BellSouth  said  1.75  mil¬ 
lion  lines  were  affected  by  the  storm. 

BellSouth  also  says  19  of  the  131  central 
offices  in  the  Gulf  Coast  area  were  dis¬ 
abled.  Those  19  central  offices  serve 
187,000  access  lines,  166,000  of  which  are 
in  the  devastated  city  of  New  Orleans. 
Restoration  plans  for  these  central  offices 


Short  Takes 


■  Hammerhead  Systems  last  week 
unveiled  a  network  management  sys¬ 
tem  designed  to  enable  service  pro¬ 
viders  to  monitor  and  control  Web- 
based  services.  The  Pegador  SOA 
system  is  intended  to  support  1,000 
service  profiles  on  one  port  of  the 
company’s  HSX  6000  multiservice 
edge  switch,  with  VoIP,  IP  Video,  Inter¬ 
net,  e-mail  and  business  services.  The 
profiles  can  be  pre-engineered  onto  a 
network,  enabling  rapid  provisioning 
of  services  using  automated  tools. 
The  system  supports  theTeleMan- 
agement  Forum  854  XML/SOAP  Inter¬ 
face.  It  is  expected  to  ship  in  October. 

■  MCI  announced  last  week  it  is  de¬ 
ploying  an  IP  MPLS  network  in  Eu¬ 
rope  for  StorageTek,  a  data  storage 
and  life-cycle  management  company. 
StorageTek  is  in  the  final  phase  of 
replacing  its  global  frame  relay  net¬ 
work  with  MCl’s  fully  managed  Pri¬ 
vate  IP  MPLS  service.  MCI  has 
already  deployed  the  service  for 
StorageTek  in  Asia  Pacific  and  Latin 
America.  This  final  leg  of  the  deploy¬ 
ment  connects  45  cities  in  Europe 
with  the  company's  sites  in  Asia,  Latin 
America  and  Canada. 


are  in  development, 
according  to  BellSouth. 

Service  to  most  cus¬ 
tomers  will  be  restored 
within  30  days,  the  carri¬ 
er  says,  though  some 
communities  might  take 
longer  to  rebuild,  de¬ 
pending  on  when  resi¬ 
dents  and  businesses  are 
able  to  return  to  these  areas  and  the  time  it 
takes  to  rebuild  local  infrastructures. 

New  Orleans,  with  floodwaters  that 
might  take  months  to  recede,  is  “an  atypi¬ 
cal  situation,”  the  carrier  says,  and 
because  of  this  BellSouth  will  track 
restoration  activity  separately. 

The  carrier  is  prioritizing  service 
restoration  on  customers  involved  with 


The  past  few  years  have  seen  a  dramatic 
increase  in  the  number  of  “virtual  workers” 
—  individuals  who  work  in  different  geo¬ 
graphic  locations  from  their  managers  or 
peers.  Virtual  workers  aren’t  necessarily 
telecommuters  —  you  can  be  a  virtual 
worker  at  a  headquarters  office,  with  your 
team  distributed  across  remote  or  branch 
offices.  (Telecommuters  are,  of  course,  vir¬ 
tual  workers  by  definition.) 

Nemertes  has  benchmarked  a  ninefold 
increase  in  the  number  of  virtual  workers 
over  the  past  five  years.  Moreover,  the  num¬ 
ber  of  employees  working  away  from 
headquarters  locations  has  been  holding 
steady  at  90%  for  the  past  several  years.  In 
other  words,  today’s  organizations  are 
more  virtual,  and  more  highly  distributed, 
than  ever  before  —  and  they’re  becoming 
even  more  so. 

Why?  Several  reasons,  all  fundamentally 
economic. 

First  is  the  inexorable  upward  cost  of  real 
estate.  Housing  an  employee  in  a  headquar¬ 
ters  location  (including  facilities  rental,  util¬ 
ities  and  upkeep)  costs  about  twice  as 


public  safety  concerns 
and  relief  efforts. 
Wireless  service  restora¬ 
tion  also  is  a  priority. 

“Our  overall  restora¬ 
tion  activities  are  ongo¬ 
ing  and  we  are  making 
good  progress  daily” 
said  BellSouth  CTO  Bill 
Smith  in  a  statement. 

The  carrier  says  it  is  too  early  to  project 
the  total  magnitude  of  destruction 
caused  by  Hurricane  Katrina.  But  based 
on  the  information  currently  available 
and  without  the  opportunity  to  survey 
and  physically  assess  the  entire  area, 
BellSouth’s  initial  estimate  is  a  cost  of 
$400  million  to  $600  million,  including 
both  capital  and  expense,  for  network 


much  as  providing  that  employee  with  all 
IT  services  combined  (hardware,  software, 
networking  and  support).  Move  the  same 
employee  out  to  a  remote  or  branch  office 
and  the  cost  of  facilities  drops  to  about  that 
of  IT.  Put  that  same  employee  in  a  home 
office  and  the  cost  of  facilities  drops  to  vir¬ 
tually  zero.  Thus,  it  makes  plain  economic 
sense  to  push  employees  as  far  out  into  the 
field  as  possible. 

The  second  reason  driving  companies 
toward  a  virtual  workplace  is  agility  —  the 
ability  to  respond  in  real  time  to  changing 
market  conditions  without  breaking  the 
bank.  Companies  have  saved  millions  of 
dollars  annually  by  not  having  to  replace 
or  move  employees  as  they  make  organi¬ 
zational  shifts.  And  I’ve  already  written 
about  the  healthcare  organization  that  by 
moving  to  a  virtual  contact  center  model 
for  its  “dial-a-nurse”  service  not  only  saved 
more  than  $3  million  in  facilities  costs  but 
also  managed  to  increase  its  ability  to 
recruit  and  retain  top  nursing  talent. 

But  there’s  also  an  economic  driver  that’s 
emerged  in  the  past  few  months  and  for 
macroeconomic  reasons  appears  here  to 
stay  For  the  first  time  in  U.S.  history,  con¬ 
sumer  bandwidth  is  less  expensive  than 


restoration. 

BellSouth  has  about  13,000  employees 
in  Louisiana,  Mississippi  and  Alabama, 
6,500  of  whom  are  in  areas  hardest  hit  by 
Katrina.  BellSouth  has  set  up  “tent  cities” 
in  Baton  Rouge  and  Covington,  La.;  and 
Gulfport,  Hattiesburg  and  Jackson,  Miss., 
to  provide  food,  shelter,  clothing,  finan¬ 
cial  support  and  employee  assistance 
programs  for  those  employees. 

An  additional  location  will  be  estab¬ 
lished  in  Kenner,  La.  The  cities  also  will 
serve  as  deployment  areas  for  BellSouth 
technicians  and  engineers  who  will  be 
sent  back  into  impacted  areas  to  restore 
service  for  customers. 

BellSouth  did  not  estimate  the  drag 
Katrina  will  have  on  its  revenue  and 
earnings  for  the  current  quarter.  ■ 


consumer  fuel.  Think  about  it:  The  going 
rate  for  broadband  connectivity  to  the 
home  is  up  to  $50  per  month  (though 
some  business-class  services  may  run  as 
high  as  $150  per  month).  If  the  going  rate 
for  gasoline  is  $3.70  per  gallon,  those 
monthly  broadband  expenditures  will  buy 
about  350  to  1,000  miles  of  commuting 
(figuring  a  25-mile-per-gallon  vehicle). 
That’s  the  equivalent  of  a  daily  commute 
of  between  17  and  52  miles.  By  enabling 
employees  to  work  virtually  you’re  allow¬ 
ing  them  to  save  what’s  rapidly  becoming 
a  significant  line  item  in  their  budgets. 

The  bottom  line?  Watch  for  virtual  work¬ 
place  technologies  —  including  audio, 
video,  Web  conferencing,  instant  messag¬ 
ing  and  “real-time  communications  dash¬ 
boards”  to  take  off  dramatically.  The  time 
—  and  the  price  —  is  right. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research ,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 
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Lines  down 

Of  BellSouth's  4.7  million 
lines  in  Louisiana,  Mississippi 
and  Alabama, 

1.75  million 

were  affected  by  Katrina. 


The  virtual  workplace: 
The  price  is  right 
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NAME 

Mr.  50,000  Global 
Remote  and  Mobile 
Users  Connected 
Without  a  VPN. 


NISSAN 


"At  Nissan,  we  expect  to  save  at  least  $135  million  annually 
thanks  to  the  efficiencies  that  Windows  Server  2003  and 
Exchange  Server  2003  are  helping  us  achieve." 

Toshihiko  Suda 

Senior  Manager,  Nissan  Motor  Company,  Ltd. 


Make  a  name  for  yourself  with  Windows  Server  System. 

An  upgrade  to  Microsoft  Windows  Server  System 
made  it  possible  for  50,000  worldwide  employees 
at  Nissan  Motor  Company  to  have  more  secure 
remote  access  to  their  e-mail  and  calendars 
from  any  Internet  connection,  without  the  hassle 
and  expense  of  a  VPN.  Here's  how:  By  deploying 
Windows  Server  2003  and  Exchange  2003,  not  only 
did  Nissan  IT  meet  the  CEO's  demand  for  better  global 
collaboration,  they  expect  to  save  at  least  $135  million 
by  streamlining  their  messaging  infrastructure. 
To  get  the  full  Nissan  story  or  find  a  Microsoft 
Certified  Partner,  go  to  microsoft.com/wssystem 


Microsoft® 


Windows 
Server  System 


Windows  Server  System'"  includes: 


Server  Platform  Windows  Server'*' 


Virtualization 

Virtual  Server 

Data  Management  &  Analysis 

SQL  Server™ 

Communications 

Exchange  Server 

Portals  &  Collaboration 

Office  SharePoint'  Portal  Server 

Integration 

BizTalk*  Server 

Management 

Systems  Management  Server 

Microsoft'  Operations  Manager 

Security 

Internet  Security  &  Acceleration  Server 

Plus  other  software  products 
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BROADBAND  ALTERNATIVES 


Powering  up  a  new  kind  of  broadband 


It  still  registers  barely  a  blip  on  the 
broadband  radar  screen.  But 
momentum  is  starting  to  build 
behind  broadband  over  powerline 
as  a  viable  high-speed  Internet  access 
alternative. 

In  the  past  three  months  a  handful  of 
significant  events  have  occurred: 

•  A  $100  million  investment  in  Current 
Communications,  a  Cincinnati  BPL  ser¬ 
vice  provider,  by  Google  and  others. 

•  IBM’s  participation  in  a  pilot  project 
with  CenterFbint  Energy  to  offer  BPL  ser¬ 
vice  to  220  homes  in  the  Houston  area. 

•  And  work  within  the  IEEE  to  create  a 
standard  —  called  PI 901  —  to  define  an 
efficient  BPL  channel  over  AC  power 
lines.  The  standard  is  targeted  for  com¬ 
pletion  in  early  2007. 

These  developments  follow  a  ruling  by 
the  FCC  designed  to  limit  interference  to 
other  radio  frequency  devices.The  FCC’s 
action  requires  BPL  providers  to  employ 
devices  that  can  switch  frequencies  if 
they  cause  interference  and  that  can  be 
shut  down  remotely  (www.networkworld. 
com,  DocFinder:  8822). 

FCC  commissioners  also  will  require  a 
national  database  of  BPL  installations  for 
public  safety  agencies,  amateur  radio  oper¬ 
ators  and  others. 

Taken  together, these  developments  could 
help  drive  a  compound  annual  growth  rate 
in  BPL  revenue  of  90%  over  the  next  seven 
years,  according  to  Telecom  Trends  Inter¬ 
national.  The  market  watcher  says  BPL  rev¬ 
enue  is  expected  to  grow  from  $57  million 
in  2004  to  $4.4  billion  in  201 1. 

There  are  40  BPL  deployments  across  the 
country  in  various  stages  of  trials  and  com¬ 
mercial  service,  according  to  the  United 
Power  Line  Council  (UPLC).  The  largest 
deployment  is  in  Cincinnati,  where  BPL  ser¬ 
vice  from  Cinergy  passes  50,000  homes,  ac¬ 
cording  to  UPLC. 

First-generation  equipment  can  produce 
throughputs  up  to  45M  bit/sec  but  service 
speeds  range  from  500K  to  3M  bit/sec, 
which  is  comparable  to  DSL.  Second-gen¬ 
eration  equipment  will  produce  through¬ 
put  up  to  200M  bit/sec,  according  to  the 
UPLC. 

Yet  BPL  currently  accounted  for  less  than 
2%  of  the  38  million  200K  bit/sec-and-above 
wireline  broadband  access  lines  installed 
in  the  U.S.  in  2004,  according  to  the  FCC. 
And  significant  business  and  technical 
issues  remain  for  the  technology. 

BPL  advocates  have  been  hard-pressed  to 


Nowhere  to  go  but  up 

The  worldwide  market  for 
broadband-over-power  line  products 
and  services  is  on  track  for  a 

90%  compound  annual  growth 
rate,  according  to  market  watcher 
Telecom  Trends  International. 


mold  a  viable  business  model  —  one  that 
can  deliver  the  throughput  and  QoS  users 
expect  while  driving  profits  for  utilities  and 
other  service  providers. 

And  amateur  radio  operators  still  assert 
that,  despite  the  actions  of  the  FCC,  BPL 
interferes  not  only  with  their  transmissions 
but  also  air  traffic  control  and  other  emer¬ 
gency  communications  services. 

‘As  soon  as  you  put  those  kinds  of  fre¬ 
quencies  on  there,  the  wire  turns  into  an 
antenna,”  says  Allen  Pitts,  a  spokesman  for 
the  American  Radio  Relay  League  (ARRL), 
the  national  association  for  Amateur  Radio. 
“It  both  receives  and  transmits.” 

Interference  issues 

There  have  been  recent  BPL  product 
developments  to  mitigate  interference 
issues.  Pitts  noted  Motorola  as  one  vendor 
that  had  developed  a  low-voltage  system 
designed  to  reduce  high-frequency  interfer¬ 
ence  with  radio  transmission  through  radio 
frequency  notch  filtering. 

Other  leading  BPL  vendors,  he  says,  have 
yet  to  follow  suit. 

With  regard  to  the  FCC  decision  in 
October,  ARRL  says  it  believes  the  commis¬ 
sion  acted  hastily  under  pressure  from  the 
Bush  administration  —  which  seeks  univer¬ 
sal  broadband  availability  by  2007  —  to 
fast-track  BPL  deployment. 

“The  interference  issues  were  well 
known,”  Pitts  says.  “But  what  they  did  was 


allow  systems  that  were  unripened 
technologies  to  go  ahead  and  deploy 
There  was  the  big  push,  and  it  was  a 
political  push.  [Former  FCC]  Chair¬ 
man  Pbwell  was  an  unabashed  cheer¬ 
leader  for  this  thing.” 

Pitts  says  he  hopes  interest  in  BPL 
by  deep-pocketed  Google  and  IBM 
will  result  in  more  low-voltage/notch 
filtering  devices  on  the  market.“As  far 
as  people  like  IBM  backing  [BPL], all 
I  can  do  is  say  ‘Well,  now  they’ve  got 
the  money  1  really  hope  they  use  that 
money  wisely  to  [overcome]  interfer: 
ence  issues.” 

He  says  Ham  radio  operators  are 
not  opposed  to  BPL,  just  the  interfer¬ 
ence.  “It’s  a  really  neat  idea,  if  it 
worked.” 

It  is  working, according  to  the  UPLC. 

“We’re  the  utility  industry  we  don’t 
play  games,”  says  Brett  Kilbourne, 
UPLC  director  of  regulatory  services. 
“We  wouldn’t  be  deploying  this  stuff  if 
we  weren’t  absolutely  sure  it’s  not 
going  to  cause  any  interference  that  can’t 
be  mitigated.” 

Kilbourne  says  the  UPLC  hasn’t  received 
any  interference  complaints  from  emer¬ 
gency  service  providers.  They  tend  to  oper¬ 
ate  at  higher  power  anyway 

Nonetheless,  the  UPLC  has  established 
safeguards  to  deal  with  the  probability  of 
interference. The  UPLC  has  an  obligation  to 
notify  emergency  services  institutions 
before  utilities  deploy  BPL  service,  Kil¬ 
bourne  says. 

For  amateur-radio  operators,  the  UPLC  has 
established  a  database  of  BPL  operators 
they  can  contact  in  case  of  interference. 
Kilbourne  says  the  FCC  has  also  mandated 
a  requirement  that  BPL  equipment  be 
capable  of  mitigating  interference  on  a 
dynamic  basis  —  the  operator  can  notch  or 
shift  frequencies  from  a  remote  location. 

“That  should  cure  most  of  the  interfer¬ 
ence,”  Kilbourne  says,  adding  that  mitiga¬ 
tion  techniques  may  be  harder  to  imple¬ 
ment  if  the  BPL  or  emergency  service/ama- 
teur-radio  operations  are  mobile. 

Making  a  business  case 

Kilbourne  says  the  bigger  concern  with 
BPL  is  making  a  compelling  business  case 
for  utilities  to  offer  the  service.  Prices  for 
alternative  broadband  services,  such  as 
DSL,  are  dropping  precipitously  making  it 
hard  to  justify  turning  up  BPL  as  an  adjunct 
to  traditional  electrical  service  if  margins 


are  going  to  rapidly  erode. 

Another  factor  is  use  of  BPL  by  the  utili¬ 
ties  themselves  for  internal  applications, 
such  as  automated  meter  reading,  load 
management  and  outage  reporting.  Utilities 
are  considering  ways  to  harness  the  tech¬ 
nology  for  their  own  benefit  while  provid¬ 
ing  it  to  their  customers  as  another  money¬ 
making  Internet  access  service. 

“The  business  case  and  deciding  how 
these  internal  applications  get  rolled  out 
will  be  the  driving  factors  going  forward,” 
Kilbourne  says. 

The  study  might  include  the  experiences 
of  PPL  Broadband,  the  Internet  access  sub¬ 
sidiary  of  Allentown,  Pa.,  utility  PPL  PPL 
Broadband  has  trials  underway  in  five 
areas  in  Pennsylvania’s  Lehigh  Valley  pass¬ 
ing  about  20,000  homes,  says  A1  Rich- 
enbacher,  chief  network  architect  for  the 
Internet  access  provider. 

The  deployments  provide  BPL  directly  to 
the  electrical  outlet  in  the  home  or  busi¬ 
ness,  as  backhaul  for  802.11b  wireless 
access  and  for  low-voltage  service  to 
schools  and  multi-dwelling  units. 

“We’re  still  understanding  what  technolo¬ 
gies  are  out  there,  and  how  they  interact, 
what  is  the  best  to  use  under  what  circum¬ 
stances  in  what  locations”  Richenbacher 
says.“And  also,  not  a  small  part  of  our  trial,  is 
the  commercial  side  —  what  customers  are 
willing  to  pay  for  what  kinds  of  services.” 

As  for  interference,  Richenbacher  says 
PPL  Broadband  has  had  a  handful  of  com¬ 
plaints.  But  they’ve  been  easily  resolved,  he 
says,  by  shifting  frequencies,  adjusting 
power  levels,  or  just  staying  out  of  frequen¬ 
cy  bands  populated  by  emergency  services 
or  amateur-radio  enthusiasts. 

“Given  the  very  low  power  levels  that 
we’re  using  and  the  availability  of  spec¬ 
trum,  I  think  that  we  can  coexist  out  there 
with  the  vast  majority  of  spectrum  users,” 
Richenbacher  says. 

One  PPL  Broadband  customer  says  inter¬ 
ference  issues  have  subsided  recently  since 
trials  began  in  his  community  16  months 
ago.  Overall,  the  service  seems  to  be  ade¬ 
quate  but  unspectacular. 

“We’ve  had  mixed  reactions,”  says  James 
Sterner,  Hanover  Township,  Pa.,  manager. 
“We  have  it  in  here,  in  our  building.  It’s  like 
any  other  Internet  provider.  There’s  times 
when  it’s  down,  but  it’s  not  down  that  long.” 

The  township  has  no  time  frame  for  turn¬ 
ing  it  into  a  production  deployment. 

“We’re  going  to  have  to  see  what  the 
results  are  here,”  Sterner  says.  ■ 


A  COLLABORATION  SYSTEM  ONE 
HUNDRED  TIMES  MORE  ELABORATE 

ISN’T  ONE  HUNDRED  TIMES  MORE  EFFECTIVE. 

It’s  time  for  a  collaboration  solution  people  will  use  -  and  can  actually 
manage.  Ipswitch  Collaboration  Suite  is  designed  specifically  for  small- 
and  medium-sized  businesses.  So  it’s  easy  to  set  up  and  integrate  with 
popular  e-mail  clients,  including  Microsoft15  Outlook".  Featuring  real-time 
collaboration  tools,  e-mail,  group  calendaring  and  scheduling  and 
instant  messaging.  It’s  collaboration  without  complication. 

Ipswitch  Collaboration  Suite. 

It  just  works. 


dCl  Collaboration  Suite 


Visit  www.ipswitch.com  to 
download  a  30-day  free  trial. 


IPSWITCH 


£ 


All  trademarks  are  the  property  of  their  respective  owners. 


...and  then  there’s  Intel®  Centrino™  mobile  technology. 

Intel®  Centrino"  mobile  technology  for 
laptops  is  designed  from  the  ground  up 
to  make  anything  else  feel  limiting.  It 
delivers  outstanding  mobile  performance. 

It  enables  great  battery  life  in  a  new 
generation  of  thin,  light,  wireless  laptops. 
And  you  don’t  need  cables  or  wireless  cards 
to  keep  your  users  connected.* 

Laptops  to  really  mobilize  your  workforce: 
intel.com/business. 

intel. 


MOBILE 

TECHNOLOGY 


•Wireless  connectivity  and  some  features  may  require  you  to  purchase  additional  software,  services,  or  external  hardware.  System  performance  measured  by  MobileMark  2002.  System  performance,  battery  life,  wireless  performance,  and  functionality  will  vary  depending  on 
your  specifrc  operating  system,  hardware,  and  software  configurations.  ©2005  Intel  Corporation.  Intel,  Intel  Inside,  the  Intel  Inside  logo,  the  Intel  Centrino  logo,  and  Intel  Centrino  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States 

and  other  countries.  All  rights  reserved. 
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TCCHHOUIfiY  UPDATE 

■  AN  INSIDE  LOOHAT 


XRIs  resolve  identity  mgmt.  dilemma 


HOW  IT  WORKS:  XRI 


An  Extensible  Resource  Identifier  spurs  identity  management  system 
interoperability  by  converting  the  abstract  identifier  for  a  resource  into  one  or 
more  network  endpoints  where  the  resource  can  be  retrieved  or  otherwise 
operated  on. 


Authority 


//feexanif 

Biff 


Path 

--A— 


xri://}@example*alice/work/office 


0  Q  0 


Session  Initiation  Protocol  connection 
to  office  phone. 

URI  to  office  street  directions. 

URI  to  office  image. 

Work  e-mail  address. 

Work  instant-messaging  information. 


D  An  XRI  is  broken  into  an  authority  portion  and  a  path  portion.  XRI  resolution  deals  primarily  with  the 
authority  portion  of  the  XRI. 

□  Resolution  works  left-to-night  across  identifier  authorities  in  the  authority  component.  In  this  case, 
the  left-most  (or  root)  identifier  authority  is  represented  by  the  @  symbol,  which  indicates  that  the 
next  sub-segment  ("example,"  in  this  case)  is  an  organization,  The  resolving  client  queries  the  @ 
authority,  which  responds  with  information  about  “example"  in  the  form  of  an  XML  document  called 
an  XRIDescriptor. 

0  The  resolving  client  next  queries  the  "example"  authority  discovered  in  the  XRIDescriptor.  The  "example" 
authority  responds  with  an  XRIDescriptor  describing  "aliceT _ _ 

0  The  XRIDescriptor  for  “alice"  lists  network  endpoints  and  protocols  offered  by  the  authority 
“@example*alice."  In  this  case,  the  resolving  client  looks  for  an  endpoint  capable  of  returning  an 
XRIDescriptor  about  the  path  portion  of  the  XRI  ("/work/office"). 

□  The  resolving  client  retrieves  an  XRIDescriptor  that  describes  “/work/office"  from  the  "alice"  authority, 
thereby  completing  resolution  and  obtaining  a  list  of  network  endpoints  associated  with 
“@example*alice/work/office.” 


BY  DAVE  MCALPIN 

Identity  management  is  a  big  productivity 
win  for  companies,  but  implementation 
can  be  challenging.  A  company’s  partner, 
for  instance,  might  identify  each  of  its  em¬ 
ployees  by  personnel  number,  a  distin¬ 
guished  name  or  an  e-mail  address.  Merely 
recognizing  the  type  of  identifier  provided 
can  be  difficult  or  impossible,  and  support¬ 
ing  them  all  is  costly 

The  Organization  for  the  Advancement  of 
Structured  Information  Standards  (OASIS) 
has  developed  a  unified  identifier  scheme 
to  help  companies  tackle  today’s  rampant 
identity  management  interoperability  prob¬ 
lems.  The  Extensible  Resource  Identifier 
(XRI)  specification  establishes  an  interop¬ 
erable  framework  for  expressing,  resolving 
and  establishing  equivalence  between 
identifiers  of  any  kind  for  any  resource 
type,  including  people,  applications,  net¬ 
work  devices  and  corporate  assets. 

XRIs  build  on  the  ubiquitous  Uniform  Re¬ 
source  Identifier  (URI)  and  Internation¬ 
alized  Resource  Identifier  (IRI)  standards 
—  widely  used  by  identity  management 
solutions  —  by  defining  standard  ways  to 
express  characteristics  such  as  type,  lan¬ 
guage  and  date.The  lightweight  HTTP-  and 
XML-based  XRI  resolution  framework  lets  a 
consuming  application  quickly  and  easily 
discover  metadata  about  those  resources, 
such  as  an  alternative  synonym  identifier 
that  works  better  in  the  application’s  local 
identity  management  system. 

Metadata  isn’t  limited  to  alternative  iden¬ 
tifiers.  Imagine  that  an  XRI-identified  re¬ 
source  is  a  technical  manual,  available  as  a 
PDF  or  Word  document  and  retrievable 


from  a  variety  of  mirrored  network  loca¬ 
tions  via  various  protocols.  In  a  broad 
sense,  the  manual  is  the  same  document 
irrespective  of  where  it  is  located,  how  it  is 
retrieved  or  in  what  format  it  is  represented. 
XRIs  are  ideally  suited  for  identifying  re¬ 
sources  at  this  level  of  abstraction  because 
the  resolution  process  lets  the  consuming 


application  choose  the  best  network  loca¬ 
tion,  retrieval  method  and  file  format  for  its 
needs  from  the  available  options. 

Like  URIs,  XRIs  are  composed  of  an 
authority  portion  and  a  path  portion.  XRI 
resolution  converts  the  authority  portion 
and  the  path  portion  of  an  XRI  to  an  XML 
document  called  an  XRIDescriptor.  The 


XRIDescriptor  describes  the  identified  re¬ 
source  and  the  means  by  which  the  digital 
representation  of  the  resource  can  be  re¬ 
trieved.  By  providing  an  additional  level  of 
in  direction  away  from  concrete  instances 
of  a  resource,  XRIs  provide  a  permanent, 
unbreakable  reference  on  which  stable 
business  relationships  can  be  based. 

To  support,  the  widespread  adoption  of 
XRI  technology  OpenXRI.org  offers  a  freely 
redistributable  open  source  XRI  tool  kit  that 
can  be  integrated  into  corporate,  ISP  or  soft¬ 
ware  vendor  architectures.  The  tool  kit 
includes  client-side  resolvers  and  high-per¬ 
formance  resolution  servers. 

OpenXRI.org  is  chartered  to  publish  and 
maintain  this  tool  kit  to  help  organizations 
tackle  interoperability  problems  with  mini¬ 
mal  disruption  to  their  internal  systems.  By 
providing  a  common  framework  for  ex¬ 
pressing,  resolving  and  mapping  all  types  of 
identifiers,  XRIs  allow  companies  to  “future- 
proof”  their  investment  in  identity  manage¬ 
ment  solutions  while  making  maximum 
use  of  their  current  infrastructures. 

OpenXRl.org  is  a  community  effort,  and 
the  tool  kit  is  distributed  under  the  Apache 
2.0  license.  OpenXRI.org  hopes  this  royalty- 
free,  sub-licensable  client  and  server  soft¬ 
ware  will  stimulate  organizations  from  fed¬ 
eral  and  enterprise  markets  to  take  a  look  at 
the  benefits  of  using  XRIs  to  solve  their 
identity  interoperability  problems. 

McAlpin,  a  senior  architect  at  Epok,  is  one 
of  the  primary  authors  of  the  XRI  specifica¬ 
tion  at  OASIS  and  the  president  of 
OpenXRI.org.  He  can  be  reached  at 
dave.  mcalpin@epok.  net. 


How  can  an  IT  or  network  manager  prepare  for 
and  help  provide  communications  in  an  emer¬ 
gency  situation  such  as  a  hurricane  or  other 
natural  disaster? 

To  prepare  and  position  yourself  to  assist  with  emer¬ 
gency  communication  support  for  future  events,  I 
would  recommend  getting  involved  with  amateur 
radio  (aka  ham  radio).  The  rules  have  changed  over 
the  years  to  obtain  a  license  and  operate  an  amateur 
radio  station  without  having  to  meet  a  Morse  code 


test  requirement.  The  American  Radio  Relay  League 
(www.arrl.org)  is  a  great  site  to  learn  about  how  to 
get  a  license  and  get  started.  The  most  popular 
license  for  beginners  is  the  Technician  Class  license, 
which  only  requires  a  35-question  multiple-choice 
exam  and  allows  all  ham  radio  privileges  above  30 
MHz  (this  includes  the  2-meter  band,  well-suited  for 
portable  and  handheld  radios  for  local  area  communi¬ 
cations).  Technician  Class  license  holders  may  oper¬ 
ate  FM,  single-sideband  and  digital  packet  television 
equipment,  as  well  as  some  satellite  communications. 


Hams  with  mobile  and  self-powered  rigs  have  a  long 
history  of  providing  communication  during  emergen¬ 
cies,  and  amateur  radio  is  a  rewarding  hobby  when 
there  is  no  emergency. 

Check  the  exam  schedule  page  at  the  ARRL  site, 
study  up  and  be  the  next  one  on  your  block  to  become  a 
Ham. 

Blass,  a  network  architect  at  Change@Work  in 
Houston,  can  be  reached  at  dr.internet@change 
atwork.com. 


IBM  eServer™  xSeries! 


PAY  MORE  ATTENTION  TO  SERVERS 
BEFORE  YOU  BUY  THEM. 

SO  YOU  CAN  PAY  LESS  ATTENTION 


Affordable,  reliable,  easy  to 


manage:  eServer  xSeries  with  Intel®  Xeon™  Processors 


IBM  eServer  xSeries  226  Express 


IBM  eServer  xSeries  346  Express 


IBM  eServer  xSeries  366  Express 
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Flexible  and  easy  to  use 


IBM  eServer  BladeCenter  HS20  Express 


An  entry-level  server  that  offers 
the  reliability  and  performance 
needed  for  business-critical 
computing.  Easy  set  up,  deploy¬ 
ment,  and  access  to  all  major 
system  components. 

System  features 

Up  to  two  Intel  Xeon 
Processors  3GHz/2MB 
Two-way  tower  with 
rack  capability 
Up  to  7  hot-swappabie 
SCSI  hard  disk  drives 
Two  73GB  HS  SCS I  HDD 
standard 

Limited  warranty:  up  to  3 
years  on-site3 

From  $1,639*4 

(Other  configurations  as  low  as  $1,229'*) 

IBM  Financing  Advantage 

Only  $45  per  month5 


Help  maximize  performance 
and  improve  availability  in  a 
rack  dense  environment  with 
Xtended  Design  Architecture." 
Includes  features  like  Calibrated 
Vectored  Cooling,  an  IBM  inno¬ 
vation  that  helps  to  cool  your 
system  and  improve  uptime. 

System  features 

Up  to  two  Intel  Xeon 
Processors  3GHz/2MB 
Two-way  2U  rack  server 
Up  to  2GB  DDR2  memory 
using  8  DIMM  slots  with 
enhanced  memory 
Limited  warranty:  up  to  3 
years  on-site3 

From  $3,999*4 

(Other  configurations  as  low  as  $2,2194) 

IBM  Financing  Advantage 

Only  $109  per  month5 


With  the  power  of  3rd  generation 
Enterprise  X-Architecturej"  it  sets 
a  new  standard  for  4-socket, 
64-bit  servers.  Delivers  increased 
performance,  systems  manage¬ 
ability,  and  simultaneous  support 
for  32  and  64-bit  apps. 

System  features 

Up  to  four  64-bit  Intel  Xeon 
Processors  MP  3.66GHz 
|  64GB  DDR  memory 
|  4GB  memory  expandable 
to  64GB 

Six  64-bit  Active  PCI-X  2.0 
IBM  Director 

Calibrated  Vectored  Cooling 

Limited  warranty:  up  to  3  years 
on-site3 

From  $1 3,779  *4 

(Other  configurations  as  low  as  $6,999**) 

IBM  Financing  Advantage 
Only  $379  per  month5 


Designed  to  support  the  Intel 
Xeon  Processor  and  packed 
with  high-availability  features, 
the  eServer  BladeCenter 
HS20  with  an  industry-leading 
modular  design  delivers  density 
without  sacrificing  processor 
performance. 

System  features 

Up  to  two  Intel  Xeon 

Processors  3.20GHz/2MB 
Up  to  14  blades  per  chassis 
Supports  both  32 

and  64-bit  applications 
IBM  Director 

Limited  warranty:  up  to  3  years 
on-site3 

From  $2,979*4 

(Other  configurations  as  low  as  $1,8394) 

IBM  Financing  Advantage 

Only  $82  per  month5 


IBM  TotalStorage®  Simplify  storage  management  to  help  improve  productivity 

- . 

System  features 

3U  rack-mount  entry  level  Starts  at  584GB  / 

Support  for  up  to  14  Scales  to  4.2TB .  j 

Ultra320  SCSI  disk  drives  Limited  warranty:  1  year 

on-site3 

From  $5,355*  IBM  Financing  Advantage 

(Other  configurations  as  low  as  $2,995)  Only  $147  per  month5 

"All  prices  are  IBM's  estimated  retail  selling  prices  that  were  correct  as  of  June  3, 2005.  Prices  may  vary  according  to  configuration.  Resellers  set  their  own  prices,  so  reseller  prices  to  end  users  may  vary.  Products 
are  subject  to  availability.  This  document  was  developed  for  offerings  in  the  United  States.  IBM  may  not  offer  the  products,  features,  or  services  discussed  in  this  document  in  other  countries.  1.  IBM  Director  is 
not  available  on  TotalStorage  products.  2.  IBM  Director  must  be  installed.  Products  included  in  IBM  Express  Servers  and  Storage  may  also  be  purchased  separately.  3.  Telephone  support  may  be  subject  to, 
additional  charges.  For  on-site  labor,  IBM  will  attempt  to  diagnose  and  resolve  the  problem  remotely  before  sending  a  technician.  4.  Prices  subject  to  change  without  notice.  Price  may  not  include  a  hard'drive, 
operating  system  or  other  features.  Contact  your  IBM  representative  or  IBM  Business  Partner  for  the  most  current  pricing  in  your  geography.  5.  IBM  Global  Financing  terms  and  conditions  and  other  restrictions 


IBM  TotalStorage  DS300  Express 

Entry-level,  cost-effective  SCSI  storage  systems 
designed  to  deliver  advanced  functionality  at  a 
breakthrough  price.  Provides  an  exceptional 
solution  for  work  group  storage  applications, 
such  as  e-mail,  file,  print,  database  and  Intel 
Xeon  Processor-based  servers. 


rO  THEM  AFTER. 


With  IBM®  Express  Servers  and  Storage™  offerings 
designed  for  mid-sized  businesses,  help  is  here. 

You’ve  already  got  a  zillion  things  that  require  your 
attention-you  shouldn’t  have  to  worry  about  your  systems. 
That’s  why  IBM  Express  products  offer  reliability  features, 
which  help  them  do  their  job  so  you  can  focus  on  yours. 

Take  IBM  Director,  which  comes  standard.'  It  can  pro¬ 
actively  notify  you  of  a  potential  problem -up  to  48  hours 
in  advance.  Or  our  Calibrated  Vectored  Cooling  feature 
available  on  select  xSeries  systems.  It  can  cool  your  system 
more  efficiently.  This  means  more  features  can  be 
packed  into  a  smaller  server -for  more  functionality  and 
greater  flexibility. 

It’s  just  an  example  of  our  self-managing  features  that  help 
you  take  back  control  of  your  IT.  Which  can  help  lower 
your  maintenance  costs,  too.  Because  with  IBM  Express 
Servers  and  Storage,  innovation  comes  standard.  It’s 
not  optional.  Plain  and  simple,  it’s  built  in.2 

There’s  also  one  more  great  feature-your  IBM  Business 
Partner.  Which  means  you  can  have  a  one-to-one  chat 
with  someone  who  understands  your  industry  and  your 
business-and  who’s  located  in  your  neck  of  the  woods. 
And  for  mid-sized  businesses,  that’s  really  big  help  in  a 
really  big  way. 
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IBM  TotalStorage  DS400  Express 

bth  advanced  functionality,  the  DS400  provides 
exceptional  solution  for  work  group  storage 
applications.  It  supports  Intel  Xeon  Processor- 
based  servers  and  offers  Fibre  Channel  drives 
designed  for  high  performance,  and  hot-swap 
Ultra320  SCSI  drives  designed  for  high  reliability. 


System  features 

2GB  Fibre  Channel  storage  Starts  at  584GB  /  Scales  to  12TB 

systems  area  network  (SAN)  Limited  warranty:  1  year  on-site3 

3U  rack-mount  entry  level 

From  $8,495*  IBM  Financing  Advantage 

(Other  configurations  as  low  as  $4,995)  Only  $234  per  month 


may  apply.  Monthly  payment  provided  is  tor  planning  purposes  only  and  may  vary  based  on  customer  credit  and  other  factors.  Rates  and  offerings  are  subject  to  changes,  extension  or  withdrawal  without  notice.  IBM 
eServer,  BladeCenter,  xSeries,  TotalStorage,  IBM  Express  Servers  and  Storage,  Enterprise  X-Architecture  and  Xtended  Design  Architecture  are  trademarks  or  registered  trademarks  of  International  Business  Machines 
Corporation  in  the  United  States  and/or  other  countries.  Intel,  Intel  Inside,  the  Intel  Inside  logo,  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States 
and  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©  2005 18M  Corporation.  All  rights  reserved. 
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Z-Connect  VoIP  phone 


GEARHEAD 

INSIDE  THE 
NETWORK 
MACHINE 

Mark  Gibbs 


With  VoIP  becoming  all  the  rage 
and  appearing  in  consumer 
devices,  there’s  lots  of  interesting 
products  for  us  to  look  at.  A  con¬ 
sumer-level  VoIP  telephone  that 
we’ve  had  in  the  queue  for  a  few 
weeks  is  the  Z-Connect  G668 
(www.networkworld.com,  Doc- 
Finder:  8837)  from  Soyo  Group. 

Our  first  impression  was  that  this 
is  rather  ugly.  The  body  is  conven¬ 
tionally  shaped  and  smooth  black 
plastic,  but  it  and  the  handset  are 
trimmed  with  a  brown,  leather-textured  material.  Yuck. 
And  the  handset  also  has  a  pointless  silver  highlight  strip. 
These  details  give  the  telephone  a  cheesy,  ’70s  look. 

Leaving  aesthetics  aside,  the  G668  is  easy  to  set  up  if 
you  have  a  DHCP-enabled  network  —  you  just  connect 
it  to  the  network  (then  plug  your  PC  into  the  phone  — 
the  phone  provides  a  pass-through  service),  power  it  up, 
and  it  works.  During  our  tests  the  call  quality  was  good 
to  very  good. 

On-network  calls  between  Z-Connect  phones  are  free 
and  the  phone  comes  bundled  with  150  minutes  of  calls 
to  phones  off  the  Soyo  network.  Incoming  calls,  which 
also  count  towards  your  service  minutes  usage,  require 
the  Plus  service,  which  costs  $9.99  per  month. The  toll  for 
off-network  calls  depends  on  the  destination, but  charges 
for  calls  to  the  U.S.,  U.K.,  France  and  Canada  are  3  cents 


per  minute  while  Germany  is  4  cents. 

When  it  starts  up  it  is  kind  of  cool  to  see  your  phone  dis¬ 
playing  the  message  “Booting  ...”but  here  we  hit  the  first 
of  the  functional  issues  with  the  G668:  In  our  environ¬ 
ment  the  phone  then  displayed  “Wait  Logon  ..."followed 
by  “Failed.”  Then,  after  it  had  thought  about  life,  the  uni¬ 
verse  and  everything  for  a  few  seconds,  the  phone  report¬ 
ed  “Ready  for  calls”. 

While  setup  on  a  DHCP-enabled  network  is  easy  the 
same  isn’t  true  for  networks  with  static  addressing,  or  if 
you  want  to  connect  directly  to  a  broadband  modem 
supporting  PPPoE.  For  these  environments  you’ll  have  to 
configure  the  G668  from  the  device’s  keyboard,  which 
requires  reading  the  manual  —  here’s  where  the  product 
completely  falls  apart. 

A  little  more  money  could  have  been  spent  on  transla¬ 
tion  from  whatever  language  the  manual  was  originally 
written  in.  For  example,  the  key“Volume+”is  described  in 
the  manual  as  “Turn  over  manual  backward.”We  pressed 
the  key  repeatedly  but  the  manual  didn’t  turn  over. 

A  crucial  problem  is  that  the  phone  currently  ships  with 
1.42  firmware  while  the  manual  is  for  Version  1.22 
firmware  (which  you  can  only  determine  by  looking  at 
the  minute  text  on  the  screenshots  in  the  manual). 

What  is  odd  is  why  the  company  would  change  some 
of  the  basic  operations  of  the  phone  between  versions, 
such  as  how  to  get  into  configuration  mode.  If  you  try  to 
follow  the  instructions  for  setting  up  a  static  address 
using  the  supplied  manual  you  will  get  absolutely 


Yuck 

nowhere.  This  is  inexcusable  because  it  puts  an  unac¬ 
ceptable  load  on  the  consumer  to  figure  out  what  is 
going  wrong. 

If  you  look  for  the  latest  manual  on  the  Soyo  Web  site, 
you’ll  find  that  the  online  version  is  for  firmware  1.41, but 
at  least  the  instructions  work. 

The  G668  has  a  built-in  Web  server  so  that  once  an  IP 
address  is  assigned  you  can  modify  the  phone’s  configu¬ 
ration  using  your  Web  browser  —  this  is  good  because  it 
allows  for  centralized  management. 

The  screenshots  in  the  manual  that  ships  with  the 
phone  show  the  latest  firmware  has  reduced  the  config¬ 
uration  options  so  using  the  G668  with  another  service 
provider  isn’t  possible  unless  you  call  Soyo  (good  luck, 
we  could  only  get  voice  mail  at  9:30  a.m.)  and  get  the 
“secret  superadmin”  password. 

The  G668  also  provides  a  few  other  bits  of  bad  product 
engineering.  For  example,  product  updates  were  origi¬ 
nally  designed  to  be  delivered  directly  by  FTP  to  the 
G668  but  even  though  support  for  this  feature  has  been 
dropped  by  Soyo,  the  fields  for  specifying  the  update 
server  are  still  on  the  Web  configuration  page. 

At  $90  this  is  one  of  the  cheapest  complete  VoIP 
phones  available.  If  it  wasn’t  for  the  lousy  documenta¬ 
tion  and  messed  up  features  we’d  like  this  device.  As  it  is, 
it  is  flawed.and  ugly 

Close  call?  Tell  gearhead@gibbs.com.  As  always ,  check 
Gearblog  ( www .  networkworld.  com/ weblogs /gearblog). 


Logitech  makes  laser  mouse  smarter 

Not  content  with  having  its  cordless  mice  equipped  with  one¬ 
way  communication  (from  the  mouse  to  the  computer),  Logitech 
last  week  announced  a  mouse  that  can  receive  and  process 
wireless  communications  from  a  PC.  The  Logitech  MX  610 
Laser  Mouse  uses  2.4-GHz  wireless  technology  to  create  a 
“smart  mouse”  that  can  inform  a  user  when  he  has 
received  e-mail  (with  Outlook)  or  an  instant  message. 
The  mouse  is  scheduled  to  be  available  in  October 
for  about  $60. 

A  blue  light  on  the  mouse  indicates  when  an 
Outlook  e-mail  has  arrived,  and  a  user  can 
click  the  mouse  to  open  the  in-box 
and  read  it.  Similarly  when  an  IM  from 
Windows  Messenger,  MSN  Messenger 
or  Yahoo  Instant  Messenger  comes  in,  the 
mouse  will  trigger  an  orange  light. 

In  addition,  the  mouse  shuts  down  when  it  detects  that  the  PC  has 
shut  down,  saving  precious  mouse  battery  life,  Logitech  says.  When 
the  mouse  power  is  less  than  10%  of  a  full  charge,  an  indicator  light 
will  illuminate. 

The  mouse  includes  a  USB  micro-receiver  to  provide  cordless  capabili¬ 
ties,  with  a  range  of  30  feet  between  the  mouse  and  receiver.  Logitech 
says  the  system  can  detect  wireless  interference  issues  with  other  2.4- 
GHz  technologies  (including  Bluetooth,  Wi-Fi  and  cordless  phones), 
and  switch  to  a  different  wireless  channel. 


Logitech's  smart 
mouse  can  send  and 
receive  information. 


lOGear  ships  USB  speakerphone 

If  you’ve  been  making  a  lot  ofVoIP  calls  over  the  PC  (such  as  Skype,Vonage  and  video- 
conferencing)  and  don’t  want  to  use  a  headset,  check  out  the  IOGear  USB  Speaker 
Phone  ($60,  available  now).  It  connects  to  a  USB  port  and  provides  a  speakerphone 
function  for  VoIP  and  other  audioover-the-Intemet  applications. 

It  includes  a  headset  jack  (2.5mm),  and  features  echo  cancellation  and  digital  sig¬ 
nal  processing  technology  for  additional  noise  reduction.lt  measures  only  2.2  by  0.8 
by  3.2  inches  and  weighs  1.5  ounces,  making  it  easier  for  travel. 

Gateway  delivers  14-inch  widescreen  tablet 

Gateway  last  week  launched  a  convertible  notebook  (the  screen  swivels  to  create 
a  slate-style  tablet  or  a  regular  notebook  with  keyboard)  with  a  14-inch  widescreen 
display  The  notebook  will  come  in  two  models  —  the  M280  for  enterprise,  govern¬ 
ment  and  education,  and  the  7200C  for  small-business  customers. 

Both  systems  include  a  lightweight  battery  option  the  extends  battery  life  up  to 
8.5  hours, as  well  as  wireless  connectivity  options  of  802. 1  Ig  or  802.1  la/b/g.The 
systems  include  the  Intel  Celeron  M  or  Pentium  M  processors,  and  a  choice 
of  two  graphics  cards  (ATI  Mobility  X600  SE  with  128M  bytes  of  RAM,  or  the 
Intel  Media  Accelerator  900  with  up  to  128M  bytes  of  shared  memory). 

The  M280  includes  the  Gateway 
Gateway's  newest  con-  Mobile  Threat  Protection  Solution,  a 
vertible  sports  a  14-inch  notebook  recovery  system  that  works 
widescreen  display.  like  Lo-Jack  to  recover  lost  or  stolen  sys¬ 
tems,  as  well  as  encryption  and  pass¬ 
word  management  software.  Pricing  and  avail¬ 
ability  were  not  announced,  but  the 
two  models  are  available  for 
pre-order  at  1-800-GATE 
WAY  the  company  says. 

Shaw  can  be  reached  at  kshaw@nww.com. 
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Two  industry  insiders  debate  the  issue  of  paying  those  who  uncover  security  flaws. 


Is  it  ethical  for  security  companies 
to  buy  vulnerability  information? 


Recently  3Com  launched  the  Zero  Day  Initiative, a  program  designed  to  protect 
against  zero-day  vulnerabilities  —  unknown  security  flaws  for  which  no  patch 
exists. When  a  zero-day  vulnerability  is  announced, all  users  of  the  affected  tech¬ 
nology  scramble  to  protect  themselves.This  is  costly  and  the  consequences  are  poten¬ 
tially  severe.  Everyone  is  vulnerable  from  the  time  a  flaw  is  disclosed  until  the  time  a 
patch  is  deployed,  which  can  be  months. 

Through  the  program, 3Com  rewards  researchers  who  responsibly  submit  vulnerabil¬ 
ity  information  instead  of  publicly  announcing  their  discovery  putting  organizations  at 
risk.  We  give  this  information  to  the  affected  vendor  to  develop  a  patch,  while  protect¬ 
ing  our  customers  with  intrusion-prevention  technology  The  information  is  not  made 
public  until  a  patch  is  available. This  background  information  provides  the  context  in 
which  we  support  rewards  for  security  research. 

There  is  a  misperception  that  all  security  researchers  are  malicious  hackers  looking 
to  do  harm.  In  reality  there  is  a  growing  security  research  community  that  has  evolved 
dramatically  over  the  last  few  years. Today  those  with  the  level  of  expertise  needed  to 
discover  a  vulnerability  and  recognize  its  significance  is  a  global  and  sizable  group.  A 
very  small  minority  are  malicious  hackers.  It  is  not  uncommon  for  security  researchers 
to  stumble  onto  a  new  flaw  while  doing  their  day-to-day  security  work.  Why  shouldn’t 
the  well-doers  be  rewarded  for  responsibly  handling  this  sensitive  information? 

Rewarding  researchers  can  be  compared  with  rewarding  reporters  who  uncover  a 
story  If  a  freelance  reporter  stumbles  upon  a  great  story  why  shouldn’t  he  or  she  offer 
it  to  a  publication  for  payment?  Much  like  the  way  a  publication  checks  facts  in  the 
story, 3Com  validates  the  issues  to  find  out  if  they  are  legitimate  vulnerabilities.  Most  sto¬ 
ries,  like  vulnerabilities, will  eventually  be  uncovered. It’s  best  that  the  vulnerabilities  are 
given  to  a  group  that  will  ensure  they  are  handled  responsibly 
Security  researchers  who  work  with  vendors  to  alleviate  a  flaw  are  not  malicious. 
Those  with  malicious  intent  can  inflict  damage  by  exploiting  a  vulnerability  or  selling 
it  on  the  black  market  without  notifying  the  vendor.  Nonetheless,  based  on  policy,  3Com 
will  not  work  with  known  black  hats.  In  order  to  receive  payment,  the  researcher’s  iden¬ 
tity  must  be  known  and  validated. 

With  zero-day  vulnerabilities  on  the  rise  and  the  window  of  time  before  exploits 
shrinking,  it  is  increasingly  important  to  provide  next-generation  secu¬ 
rity  This  includes  the  use  of  intrusion-prevention  systems,  which  are 
unique  in  providing  vulnerability  protection  through  a  regular  update 
service.  With  the  doors  open  for  security  research  commerce,  we  can 
leverage  the  great  minds  that  may  be  untapped  to  offer  greater  vulner¬ 
ability  protection  for  all  technology  users. 

We  believe  paying  security  researchers  will  result  in  the  responsible 
disclosure  of  vulnerabilities,  which  ultimately  enhances  security 

Willebeek-LeMair  is  CTO  at  3Com.  He  can  be  reached  at 
cto@3com.com. 


Internet  Security  Systems  strongly  opposes  the  business  of  purchasing  security  vul¬ 
nerabilities.  Let’s  be  very  clear.  Hackers  seek  out  vulnerabilities  strictly  to  improve 
their  opportunity  for  financial  gain  through  successful  exploitation.  By  trafficking 
vulnerabilities,  they  obtain  further  economic  incentive. 

Some  vendors  say  they’re  doing  the  industry  a  service  by  paying  others  to  uncover 
vulnerabilities,  presumably  removing  software  bugs.  I  agree  it’s  a  good  thing  not  to  have 
researchers  posting  harmful  zero-day  exploits  on  the  Internet  without  giving  the  affect¬ 
ed  vendor  time  to  address  the  issue.  I  also  agree  it’s  a  good  idea  for  security  vendors  to 
collect  zero-day  information  so  they  can  provide  preemptive  protection  capabilities  to 
their  products.  But  these  ends  are  better  achieved  through  controlled  research  within 
reputable  and  established  security  research  organizations. 

1SS  has  cultivated  a  research  capacity  inside  the  company  with  the  purpose  of  better 
understanding  vulnerabilities  and  how  they  can  be  exploited.  Although  some  vulnera¬ 
bility  research  culminates  in  security  advisories,  the  underlying  research  is  critical  to 
provide  preemptive  protection  for  entire  classes  of  vulnerabilities  throughout  a  system. 
The  “a  la  carte”  approach  to  vulnerability  research  is  similar  to  anti-virus  technology  — 
identify  threat,  respond  with  signature. 

Through  deep  vulnerability  research  into  entire  IT  systems,  not  only  are  individual 
weaknesses  uncovered,  but  also  a  greater  degree  of  protection  can  be  established  for 
the  entire  system. The  “pay  as  you  go”  approach  to  acquire  exploits  does  not  allow  the 
financier  of  this  research  to  advance  the  protection  of  their  customers  and  users  of  the 
systems  being  researched. 

Supporters  of  bug  ransoms  justify  their  actions  by  referencing  free-market  principles. 
Economist  Adam  Smith  argued  an  invisible  hand  exists  that  silently  influences  all  things 
in  a  free  market.  He  certainly  wouldn’t  have  said  that  the  invisible  hand  is  always  a 
benevolent  one.  Just  because  trafficking  in  zero-day  vulnerabilities  exists,  doesn’t  mean 
independent  security  vendors  should  contribute  to  the  market. 

Demand  begets  supply  in  this  case.  Minimal  demand  and  low  prices  have  kept  the 
quality  down  in  the  past.  The  only  way  vulnerability  bounty  programs  will  prove  suc¬ 
cessful  is  if  prices  increase.  Bug  ransom  programs  financed  by  a  buyer  with  deep  pock¬ 
ets  attempting  to  corner  a  market  will  result  in  increasing  prices. 

Customers  trust  that  their  vendor  partners  have  thoroughly 
researched  the  security  vulnerabilities  they  uncover  and  offer  protec¬ 
tion  against  them.  Bounty  programs  will  break  down  this  trust.lt  is  naive 
to  believe  the  bad  guys  won’t  be  working  both  sides  of  the  economic 
equation. There  is  no  way  to  guarantee  that  a  vulnerability  has  not  been 
sold  to  someone  else,  or  that  it  was  not  stolen  or  illegally  obtained. 

Creating  an  open  cash  market  and  outsourcing  security  research  to  a 
community  of  hackers  with  questionable  motives  will  most  certainly 
lead  to  trouble. 

Rouland  is  CTO  at  ISS.  He  can  be  reached  at  crouland@iss.net. 


nww.com 

Have  your  say 

What’s  your  opinion?  Log  on  to  Network 
World.com  and  let  us  know.  Face-off 
authors  Marc  Willebeek-LeMair  and  Chris 
Rouland  will  respond  to  your  comments. 
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HOW  MANY  PEOPLE  DOE 

SUPPORT  A  SINGL 

(THAT’S  TOO  MANY.) 


With  IBM®  Express  Servers  and  Storage™  designed  for 
mid-sized  businesses,  help  is  here. 


Servers  should  support  a  business,  not  the  other  way  around. 
That’s  why  IBM  Express  Servers  have  self-managing  features:  so 
that  our  servers  can  virtually  run  themselves.  What’s  more,  with 
IBM  Express  Servers  and  Storage,  innovation  comes  standard. 
Take  the  OpenPower™  710  Express,  for  instance.  It’s  specially 
tuned  for  Linux®  and  offers  the  reliability  of  POWER5™  technology 
at  a  surprisingly  low  price.1 


CD 

$ 

O 

Q_ 


System  features 


Increase  computing  power,  availability  and  scalability 
in  a  rack  dense  environment 


Tuned  for  Linux 

IBM  eServer  OpenPower  710  Express 


And  while  you  can’t  be  in  two  places  at  the  same  time,  you  might 
want  to  look  into  the  innovative  server  feature  that  can.  For  example, 
the  remarkable  Advanced  POWER™  Virtualization  option  -  it  lets 
one  OpenPower  710  Express  act  as  many  virtual  ones. 

On  top  of  that  there’s  IBM  TotalStorage®  products,  which  offer  a  wide 
range  of  disk,  tape,  and  storage  software  solutions  -  so  you  can 
choose  the  right  options  to  meet  the  growing  needs  of  your  company. 

There’s  also  one  more  great  feature  -  your  IBM  Business  Partner. 
Which  means  you  can  talk  to  someone  who  understands  your 
industry  and  your  business  -  and  who’s  located  in  your  neck  of  the 
woods.  And  for  mid-sized  businesses,  that’s  really  big  help  in  a 
really  big  way. 
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Ideal  for  consolidation  of  infrastructure  workloads 
(Web  serving,  file,  print,  security  applications) 

Robust  64-bit  mainframe-inspired  POWER5  systems 

2-way  19"  rack  server 

Up  to  32GB  of  memory 

Optional  Advanced  POWER  Virtualization' 

DB2®  Express  Discover  CD 

Limited  warranty:  up  to  3  years  on-site2 

From  $4,477* 


IBM  Financing  Advantage 

Only  $124  per  month3 


’All  prices  stated  are  IBM’s  estimated  retail  selling  prices  that  were  correct  as  of  May  6,  2005.  Prices  may  vary  according  to  configuration.  Resellers  set  their  own  prices,  so  reseller 
prices  to  end  users  may  vary.  Offers  are  for  business  customers  only  and  are  subject  to  availability.  This  document  was  developed  for  offerings  In  the  United  States.  IBM  may  not  offer 
the  products,  features,  or  services  discussed  in  this  document  in  other  countries.  'The  Linux  operating  system  for  the  OpenPower  710  Express  must  be  purchased  separately.  Price  i 
does  not  include  virtualization  option.  ^Telephone  support  may  be  subject  to  additional  charges.  For  on-site  labor.  IBM  will  attempt  to  diagnose  and  resolve  the  problem  remotely  before 
sending  a  technician.  -’IBM  Globa!  Financing  terms  and  conditions,  and  other  restrictions  may  apply.  Monthly  payments  provided  are  tor  planning  purposes  only  and  may  vary  based 
on  customer  credit  and  other  factors.  Rates  and  offerings  are  subject  to  change,  extension  or  withdrawal  without  notice.  ACustomer  Replaceable  Unit  (CRU)  service  is  available  in  most 
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Simplify  storage  management  to  improve  productivity 


IBM  TotaiStorage  3580  Express 

The  3580  Express  helps 
address  your  growing  storage 
requirements  and  the 
problem  of  shrinking  backup 
windows.  It  supports  cost- 
effective  backup,  save  and 
restore,  and  data  archiving. 

System  features 

Built  on  Ultrium®  3  technology 

Read/write  compatible  with 
cartridges  written  by 
Ultrium  2  drives 

Read  compatible  with 
Ultrium  1  cartridges 

Up  to  400GB  cartridge  capacity. 
Up  to  800GB  with 
2  to  1  compression 

Limited  warranty:  3  years4 

From  $5,850* 

IBM  Financing  Advantage 

Only  $167  per  month3 


|  IBM  TotaiStorage  DS4300  Express5 

j  With  a  scalable  design,  the 
DS4300  Express  is  designed 
j  to  provide  a  reliable  and 
I  affordable  storage  option  to 
help  simplify  your  data 
management  needs. 

System  features 

2GB  Fibre  Channel  SAN-ready 
3U  rack  mount  entry  level 
Scales  to  33.6TB 

Supports  up  to  112  Fibre  Channel 
disk  drives  -  with  optional 
EXP710  expansion  units6 

Heterogeneous  OS  support 

Limited  warranty:  3  years  on-site2 

From  $8,655* 

IBM  Financing  Advantage 

Only  $238  per  month3 
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countries.  ^General  product  availability  of  IBM  TotaiStorage  DS4300  Express  Is  expected  to  be  6/17/05.  fiEXP710  expansion  unit  is  not  included  in  the  price.  MB.  GB  and  TB  equal 
1,000,000, 1,000,000,000  and  1.000,000,000,000  bytes,  respectively,  where  referring  to  storage  capacity.  Actual  storage  capacity  will  vary  based  upon  many  factors  and  may  be  less 
than  stated.  Some  numbers  for  storage  capacity  are  given  in  native  mode  followed  by  capacity  using  data  compression  technology.  IBM,  eServer.  POWER5,  OpenPower,  IBM  Express 
Servers  and  Storage,  DB2,  POWER  and  IBM  TotaiStorage  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other 
countries.  Linux  is  a  registered  trademark  of  Linus  Torvaids  in  the  United  States  and  other  countries.  Linear  Tape-Open,  LTO,  and  Ultrium  are  trademarks  of  Certance.  HP  and  IBM  in 
the  U.S.  and  other  countries.  Other  company,  product,  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2005  IBM  Corporation.  All  rights  reserved. 
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Avaya  banking 
on  SOA,  SIP 

Avaya  last  week  brought  its  top  executives  to  Boston  to 
give  industry  analysts  an  idea  of  where  the  company  is 
going,  a  vision  heavy  on  software  advances  and  service- 
oriented  architecture. 

While  Avaya  has  focused  primarily  on  convergence  in  the 
five  years  since  it  was  spun  out  of  Lucent  (Oct.  1  is  the 
anniversary),  the  new  focus  is  on  intelligent  communica¬ 
tions,  says  Don  Peterson,  chairman  and  CEO.  Wrapped  up  in 
this  marketing  pitch  is  the  idea  that  IP  telephony  is  simply  a 
starting  point  that  makes  possible  new  voice-based  applica¬ 
tions  that  support  business  processes. 

“You  might  have  a  workflow  application  that  involves  send¬ 
ing  a  document  from  A  to  B,then  to  C,but  then  ends  up  sit¬ 
ting  in  C’s  in-box,”  says  CTO  Mun-Yuen  Leong.“The  idea  is  to 
enable  the  system  to  realize  the  document  has  been  in  there 
for  too  long  and  consult  presence  information  to  figure  out 
the  best  way  to  reach  the  individual  and  then  notify  them 
about  the  work.” 

As  evidence  that  others  understand  the  value  of  building 
for  this  new  environment,  Peterson  says  the  company  now 
has  1 ,300  developers  participating  in  its  DeveloperCon- 
nection  program,  four  times  what  it  had  last  year. 

The  foundation  for  this  future  is  SOA  and  Session 
Initiation  Protocol  (SIP),  Peterson  says. 

SOA  won’t  be  trotted  out  tomorrow,  says  Mike  Thurk, 
group  vice  president  of  Global  Communications  Solutions. 
“This  is  a  multi-year  effort  involving  internal  and  external 
development.” 

“Services”  in  Avaya’s  SOA  will  include  presence,  call  rout¬ 
ing,  call  recording,  the  ability  to  generate  alerts  and  collect 
data,  etc.  “We  want  to  tear  it  all  apart  so  customers  can  pull 
together  the  services  that  are  best  for  their  business,  their  ver¬ 
tical  market, ’’Thurk  says. 

You  can’t  do  that  today  without  a  lot  of  coding,  adds  Karyn 
Mashima,  senior  vice  president  of  strategy  and  technology 
“The  future  is  about  reusable  components  wrapped  in  a  pro¬ 
tocol  that  people  understand.” 

That’s  where  SIP  comes  in. 

“SIP  is  important  as  the  standard  for  the  multi-modal 
world,  the  protocol  that  will  be  used  to  integrate  compo¬ 
nents  from  different  vendors,”  Mashima  says.  SIP  also  sup¬ 
ports  two-way  presence,  making  it  ideal  for  many  of  the 
applications  Avaya  envisions. 

She  estimates  that  30%  of  Avaya’s  revenue  today  stems  from 
software  products,  but  80%  of  the  products  in  the  works  are 
software-based. 

The  trick  will  be  achieving  the  transformation  without  losing 
too  much  ground  to  Cisco,  which  is  neck-in-neck  in  the  IP  tele¬ 
phony  game. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 


Other  security  concerns 

Regarding  JohnaTill  Johnson’s  column, “VoIP  securi¬ 
ty  concerns  cannot  be  ignored”  (www.network 
world.com,  DocFinder:  8823):  While  you’re  checking 
the  security  of  the  corporate  network  for  VoIP  also 
check  for  rogue  wireless  base  stations,  PC  Anywhere- 
type  software  on  one  of  the  PCs  and  softphone 
installs.  All  can  be  easily  and  naively  installed  via  a 
USB  port  by  anybody  in  the  company 
Once  you’ve  got  an  unintentional  hookup  to  the 
Web,  you’re  toast,  because  someone  is  going  to  hit 
that  high-speed  connection  your  company  provides. 
“The  computer  network  is  down”  is  still  a  fact  of  life 
—  although  it  should  be  increasingly  rare  —  but  the 
phone  never  goes  down. 

Stephen  Wyman 
Network  specialist 
Texas  Department  of  Transportation 
Austin, Texas 

Playing  field  evens  out 

Regarding  “Long  view  of  the  law”  (DocFinder:  8824): 
I  strongly  disagree  with  the  story’s  assertion  that 
“Criminals  and  terrorists  have  access  to  practically 
any  information  they  want,  as  the  recent  climb  in 
identity  theft  demonstrates.  This  puts  law  enforce¬ 
ment  on  an  uneven  playing  field.” 

Law  enforcement  has  access  to  your  information 
from  a  number  of  sources,  including  the  Com¬ 
munications  Assistance  for  Law  Enforcement  Act, 
which  essentially  gives  the  police  a  wiretapping 
backdoor  and  access  to  e-mail  and  Web  records; 
search  warrants;  the  Patriot  Act,  which  in  some  cases 
lets  law  enforcement  enter  your  home  without  a 
warrant,  without  your  knowledge  and  without  your 
consent;  publicly  available  information;  companies 
whose  user  agreement  or  privacy  statement  includes 


disclosure  exceptions  for  law  enforcement;  and  mil¬ 
itary  intelligence  and  hardware  (most  visible  in  the 
Drug  Enforcement  Administration’s  interceptor 
planes  and  boats). 

Saying  law  enforcement  can’t  get  the  information 
that  they  need  with  these  tools  is  like  saying  you 
need  a  fire  ax  to  break  down  a  paper  door. 

Tom  Murphree 
Austin, Texas 

Punishing  Wi-Fi  thieves 

Regarding  Mark  Gibbs’  BackSpin  column,  “Open 
Wi-Fi,  a  national  risk”  (DocFinder:  8825):  Open  Wi¬ 
Fi  could  most  certainly  be  a  national  risk,  but  I 
think  it  would  take  someone  being  caught  in  the 
act  for  something  to  actually  be  done  about  it. 
Also,  how  about  holding  the  access  point  manu¬ 
facturers  at  fault? 

As  jar  as  the  Florida  Wi-Fi  theft  case  goes,  I  think 
both,  parties  should  receive  some  form  of  punish¬ 
ment  or  education.  Should  Benjamin  Smith  be  con¬ 
sidered  a  terrorist  or  hacker  and  get  five  years?  That 
seems  excessive  for  this  scenario,  unless  he  was 
using  the  open  Wi-Fi  for  something  mischievous. 
Something  lighter,  like  say  no  PC  for  three  to  six 
months,  would  be  more  appropriate.  The  owner  of 
the  open  Wi-Fi  should  be  punished,  but  not  with  a 
criminal  sentence.  For  him  I  would  recommend  he 
either  attend  a  basic  class  on  securing  his  access 
point  or  get  someone  else  to  secure  it  for  him.  He 
would  pay  for  either  choice,  of  course.  When  it 
comes  to  cases  like  this,  there  really  isn’t  one  pun¬ 
ishment  to  fit  all  scenarios. 

Clint  Leatherman 
Franklin, Tenn. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief.  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 
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THROUGH  CHANNELS 
Ken  Presti 


TELECOM  CATALYST 
Daniel  Briere 


Tech  training:  A  journey,  not  a  destination 


I’ve  always  been  a  terrible  cook.  This  was 
never  a  major  problem  until  my  wife  recently 
had  foot  surgery  which  has  pretty  much  con¬ 
fined  her  to  the  couch.  Now  mealtime  has 
become  the  culinary  equivalent  of  that  B  movie 
where  the  pilots  are  unconscious  and  Joe 
Schmoe  has  to  land  the  plane  with  instructions 
radioed  from  the  tower. The  results  of  her  coach¬ 
ing  and  my  hands-on  execution  have  been,  well, 
at  least  edible. 

Success  in  the  kitchen  is  nowhere  near  as 
definitive  (or  important)  as  success  in  landing  an 
airliner,  but  the  point  is  the  same:  Translating 
processes  into  step-by-step  instructions  is  a  very 
detail-oriented  task,  and  very  hard  to  do  in  real¬ 
time  —  especially  when  the  instructor  does 
something  all  the  time  and  assumes  many  of  the 
specifics  are  second  nature  to  everyone. 

That’s  why  a  lot  of  network  vendors  are  get¬ 
ting  more  serious  about  training  programs  for 
value-added  resellers,  integrators  and  other 
channel  members  who  make  technology  work 
for  end  users.  Now  that  the  industry  has  moved 
beyond  the  screaming-technology-as-a-differ- 
entiator  phase,  doing  the  little  things  correctly 
makes  all  the  difference  in  the  world. 


Some  vendors  have  even  changed  the  way  they 
compensate  their  channel  partners.  It  used  to  be 
a  “selling  more  is  always  better”  kind  of  environ¬ 
ment,  in  which  partners  received  escalating  prod¬ 
uct  discounts  as  their  volumes  crossed  certain 
thresholds.  These  days,  partners  are  much  more 
likely  to  be  compensated  based  on  their  invest¬ 
ments  in  training  and  skilled  personnel.  Smart 
people  are  recognizing  that  customer  relation- 

Translating  processes  into 
step-by-step  instructions 
is  a  detail-oriented  task. 

ships  are  more  like  a  marathon  than  a  sprint.  After 
all,  what  good  is  it  to  sell  1,000  VoIP  systems  if  989 
of  the  customers  are  now  screaming  at  tech  sup¬ 
port,  vowing  they’ll  never  buy  from  the  partner  or 
vendor  again. 

Sure,  the  vendors  still  care  about  volumes,  but 
that,  to  an  extent,  takes  care  of  itself.  Once  a  chan¬ 
nel  partner  ponies  up  the  money  for  the  neces¬ 
sary  training  and  certifications,  it  has  its  own  rea¬ 
sons  for  wanting  to  demonstrate  return  on  invest¬ 
ment.  So  the  volume  pressure  is  now  largely  inter¬ 


nal  to  the  channel  organization. 

So  training  has  become  an  ongoing  process, 
especially  because  security  wireless  and  conver¬ 
gence  are  making  the  network  increasingly  com¬ 
plex  and  more  tightly  woven  with  the  applica¬ 
tions  in  use.  IT  managers  need  to  ask  about  train¬ 
ing  and  their  channel  partner’s  approach  to  keep¬ 
ing  their  teams  up  to  date. 

This  is  pretty  straightforward  when  you’re  inter¬ 
viewing  a  potential  new  channel  partner,  but 
somewhat  trickier  when  dealing  with  someone 
with  whom  you’ve  worked  for  a  long  time.  It’s 
important  to  know  that  they’ve  got  a  systematic 
approach  to  staying  up  to  date.  If  you’re  embar¬ 
rassed  to  bring  it  up,  try  mentioning  this  column 
and  ask  them  what  I’m  talking  about.That  will  at 
least  get  the  discussion  going  without  specifical¬ 
ly  asking  if  they  still  know  what  they’re  doing.  If 
they  have  a  solid  explanation, your  confidence  is 
probably  well  placed.  If  they  don’t,  tell  them  you 
know  someone  who  needs  some  short-term 
kitchen  help. 

Presti  is  research  director  of  IDC’s  Network 
Channels  and  Alliances  service.  He  can  be 
reached  at  kpresti@idc.com. 


It’s  an  XML  world 


XML  is  taking  over  the  world  as  we  know  it, 
having  become  the  foundation  for  almost 
all  of  today’s  Web  services  and  most  ser¬ 
vice-oriented  architectures.  XML  is  not  a  tech¬ 
nology  per  se;  it’s  a  programming  language  that 
supports  developers  devising  their  own  custom 
tags  for  Web  information.  This  allows  that  infor¬ 
mation  to  be  shared  by  XML-aware  applications 
that  can  interpret  the  tags  and  organize  the 
data  accordingly. 

Recently  we’ve  seen  a  spate  of  watershed  XML- 
related  events: 

•  Microsoft  announced  the  next  version  of 
Microsoft  Office,  code-named  Office  12,  will  have 
XML  as  its  native  file  format.  Say  goodbye  to  .ppt, 
.doc  and  .xls.  These  “default”  XML  file  formats  are 
designed  as  an  extension  of  the  Wordprocess- 
ingML  and  SpreadsheetML  schemas  and  will  be 
interoperable  with  the  binary  formats  of  Office 
2000  and  later. 

•  Intel  bought  start-up  Sarvega,  an  early  propo¬ 
nent  of  XML  switching.  Sarvega  created  its  own 
operating  system  for  efficiently  processing,  accel¬ 
erating,  securing  and  maintaining  XML  traffic.This 
acquisition  will  bring  the  power  of  Sarvega’s  XML 
heritage  to  Intel’s  product  line.  This  XML  overlay 
will  transform  the  processing  of  XML  traffic  at  its 
most  basic  and  fundamental  level. 

•  Cisco  launched  its  Application  Oriented 
Networking  (AON)  platform  in  June.  AON  is  a  real 
application  switching  platform  in  that  it  not  only 
supports  XML,  but  also  non-XML  network  applica¬ 
tions  such  as  database  applications,  voice,  video, 
file  sharing  and  instant  messaging. 


•  Companies  such  as  Datapower  and  Reactivity 
continue  to  stoke  up  wins  with  their  XML  appli¬ 
ance,  network  and  software  products.  We’ve  seen 
XML-aware  products  move  from  server  appli¬ 
ances  to  server  blades  to  software  and  soon  to 
more  basic  levels. 

People  have  always  talked  about  how  applica¬ 
tion  switching  is  the  natural  evolution  from  XML 
switching,  and  that  application  switching  ulti¬ 
mately  will  be  swallowed  up  by  the  router  mak¬ 
ers.  But  actually  getting  to  the  point  where  the 
router  makers  are  putting  XML  switching  in  their 
systems,  Intel  is  building  XML  accelerating  and 

There’s  enough  experience 
with  the  earlier  adopters  to 
project  XML  weak  spots. 

securing  software,  and  Microsoft  is  converting 
age-tested  document  formats  to  XML  —  this 
says  XML  switching  has  arrived,  and  you’d  better 
take  notice. 

The  problem  with  XML  is  finding  out  who  owns 
this  market.  Look  at  the  above  examples,  and 
you’ve  got  a  WAN  network  player,  a  software  play¬ 
er  and  a  chip  manufacturer  all  heading  in  a  simi¬ 
lar  direction. 

So  what’s  a  company  to  do  about  this?  Well,  the 
moves  in  software  and  applications  are  scarcely  a 
surprise,  but  the  network  moves  need  your  atten¬ 
tion.  The  impact  of  XML  switching  —  including 
acceleration  and  security  —  will  take  some  figur¬ 
ing  out.  The  problem  is  that  many  organizations 


already  use  prioritized  switching  for  QoS  for  tech¬ 
nologies  such  as  VoIP  and  use  XML  only  in  isolat¬ 
ed  ways,  pending  the  Microsoft  onslaught  at  the 
mass  desktop  level. You’ll  find  your  CRM  kicking 
out  XML  files  to  the  branches,  the  finance  depart¬ 
ment  conforming  to  government  XML  guidelines, 
and  even  marketing  toying  with  XML  templates 
for  partner  and  channel  communications.  This  is 
one  of  those  areas  where  the  topic  is  so  threaded 
throughout  your  organization  that  you  have  to  do 
research  to  figure  out  what  you’re  dealing  with. 

The  problem  is  likely  a  little  worse  than  that. 
Those  who  have  been  thinking  about  it  might  be 
in  your  data  center  or  owners  of  specific  applica¬ 
tions.  Now  that  this  is  hitting  the  network  industry 
square  in  the  face,  you  might  find  you  have  some 
internal  catch-up  to  do.  There  are  many  architec¬ 
tural  decisions  to  make.  You  need  to  decide 
among  general-purpose  servers  and  software 
(now  including  Intel);  server  appliances  (Re¬ 
activity  Sarvega);  high-end  application  servers 
(IBM,  BEA);  dedicated  chips  and  subsystems  for 
embedding  (DataPower,  Tarari,  potentially  Intel); 
network  devices  (Cisco,  DataFbwer);  or  even  out¬ 
sourcing  to  a  managed  service  provider. 

So  check  out  AON.  Call  Sarvega.  Find  out  about 
DataFbwer.  There’s  enough  experience  now  with 
the  earlier  adopters  to  project  where  your  XML 
weak  spots  are  going  to  be  as  your  organization 
scales  with  XML. 

Briere  is  CEO  of  TeleChoice,  a  market  strategy 
consultancy  for  the  telecom  industry.  He  can  be 
reached  at  telecomcatalyst@telechoice.com. 


McAfee,  Tech  Assist  top  anti-spyware  test 


Spyware  can  kill  your  business  quicker  than  spam  or  viruses.  Spam  eats  band¬ 
width  and  productivity  (as  you  spend  time  deleting  in-basket  items). Viruses 
delete  files,  throw  egotistical  messages  on  your  screen  and  use  your  address 
book  as  a  springboard  for  perpetuating  themselves  across  the  network. 


BY  BARRY  NANCE,  NETWORK  WORLD  LAB  ALLIANCE 


But  spyware  insidiously  logs  your  keystrokes,  rifles 
through  your  files  for  password  and  credit  card  data,  pep¬ 
pers  your  screen  with  ads  and  slows  your  PCs  to  a  crawl. 

To  find  which  anti-spyware  product  is  best  for  your  cor¬ 
porate  network,  we  invited  about  30  vendors  to  submit 
products  to  our  lab  for  testing.  We  received  18  products 
from  16  vendors  (see  box), and  we  also  looked  at  the  beta 
version  of  Microsoft's  Windows  AntiSpyware  tool. 

Identifying  and  removing  spyware  (either  at  the  desktop 
or  preventing  at  the  gateway)  was  our  most  important  cri¬ 
teria.  We  also  looked  for  useful  reports,  timely  alerts  and 
easy  deployment  and  usability  Protecting  our  network 
from  users  who  roam  the  Internet  too  freely  or  who  bring 
unapproved  software  into  the  office,  was  our  main  goal. 

We  gave  separate  awards  for  the  gateway  and  the 
client/server  approaches.  McAfee’s  Secure  Web  Gateway 
wins  a  Clear  Choice  award  for  keeping  spyware  from 
entering  our  network  (see  Net  Results  for  anti-spyware 
gateway  products,  page  58).  The  Secure  Web  Gateway 
thwarted  90%  of  the  spyware  in  our  tests,  has  an  intuitive 
user  interface  and  was  child’s  play  to  install.  On  the  client 
or  server,  Tech  Assist’s  Omniquad  AntiSpy  Enterprise  wins 
Clear  Choice  award  (see  Net  Results,  page  53.)  These  prod¬ 
ucts  had  high  spyware  detection  success  rates,  easy-to-nav- 
igate  user  interfaces  and  useful  reports. 

Gateway  defenses 

Stopping  spyware  via  gateways  at  each  Internet  connec¬ 
tion  point  is  clearly  superior  to  cleaning  it  from  individual 
server  and  desktop  computers.  A  gateway  is  easier  to 
administer,  users  can’t  fool  with  it  and  desktop  machines 
and  servers  don’t  have  to  shoulder  the  extra  burden  of 
detecting  and  removing  spyware.  As  long  as  a  gateway  fil¬ 
ters  every  single  crumb  of  spyware  and  users  do  not  bring 
freeware  or  shareware  software  into  the  office,  the  gateway 
approach  is  an  ideal  anti-spyware  solution. 

Two  products  we  tested,  Blue  Coat’s  Spyware  Interceptor 
and  McAfee’s  Secure  Web  Gateway  are  network  appliances 
that  filter  traffic  to  and  from  the  Internet.  Each  installs 
between  an  Internet  router  and  its  switch  or  hub,  and  each 
filters  spyware  before  it  reaches  the  desktop.  Two  software 
products,  Aladdin’s  eSafe  and  Trend  Micro’s  InterScan  Anti- 
Spyware  Suite,  turn  dual-network  interface  card  (NIC)  com¬ 
puters  into  gateways.  One  NIC  connects  to  the  Internet 
while  the  other  connects  to  the  local  network.The  software 
filters  the  traffic  flowing  between  the  two  network  adapters. 

The  McAfee  appliance  stopped  an  impressive  90%  of  the 
spyware  in  our  tests.The  appliance,  a  hefty  1U  rack-mount- 


What  we  tested 

We  evaluated  Aladdin  Knowledge  Systems' 
eSafe  Version  5,  Blue  Coat  Systems’ 
Spyware  Interceptor,  Computer  Associates’ 
eTrust  PestPatrol  Corporate  Edition  v5, 
Fortinet's  FortiClient  Host  Security  2.0,  F- 
Secure's  Anti-Virus  Client  Security  6.0, 
Lavasoft  AB's  Ad-Aware  Professional, 
McAfee's  Anti-Spyware  Enterprise  8.0i  and 
Secure  Content  Management  Appliance  4.0 
(Secure  Web  Gateway  model  3300),  Panda 
Software’s  EnterpriSecure  with  TruPrevent 
Technology,  Ashanti  PLC  LTD’s  Spyware 
Defense  V1.3,  Sunbelt  Software's  CounterSpy 
Enterprise  Version  1.5,  SurfControl’s  Ent¬ 
erprise  Threat  Shield,  Tangent’s  Packet  Hawk 
Version  2.0,  Omniquad/Tech  Assist's  Omni¬ 
quad  AntiSpy  Enterprise  Version  3.3,  Trend 
Micro’s  InterScan  Anti-Spyware  Suite  and  Of- 
ficeScan  Anti-Spyware  Suite,  Webroot  Soft¬ 
ware's  Spy  Sweeper  Enterprise  2.1  and  Web- 
sense's  WebSense  Web  Security  Suite-Lock¬ 
down  Edition. 


ed  Dell  FowerEdge  1850  pre-loaded  with  Windows,  anti-spy¬ 
ware  filtering  software  and  browser-accessible  administra¬ 
tion  tools,  is  one  of  McAfee’s  Secure  Content  Management 
Appliance  4.0  products.  Secure  Web  Gateway  gave  us  URL 
filtering,  Internet  Content  Adaptation  Protocol  support  and 
an  easy-to-navigate  user  interface.  It  also  can  send  SNMP 
alerts  (for  example,  to  HP  Open  View  or  other  frameworks). 
Installation  was  as  simple  as  connecting  the  box  to  a  router 
and  switch,  powering  it  up  and  assigning  an  IP  address. 

Blue  Coat’s  Spyware  Interceptor  thwarted  82%  of  our 
incoming  spyware.  Spyware  Interceptor  is  a  1U  rack¬ 
mounted  device  containing  on-chip  logic  for  stopping 
spyware.  The  vendor  targets  Interceptor  at  networks  of  up 
to  1 ,000  users.  Spyware  Interceptor  uses  what  Blue  Coat 
calls  its  Spyware  Catching  Object  Protection  Engine  to 
intercept,  analyze  and  halt  over-the-wire  executable  mal¬ 
ware.  This  gateway-based  engine  blocks  known  spyware 
site  URLs,  outbound  connections  to  known  spyware  sites 
(such  as  from  a  spyware-infected  client), “drive-by”  (unso¬ 
licited)  executable  file  downloads  and  known  spyware 


files.  Remarkably,  Spyware  Interceptor  allowed  access  to 
non-executable  portions  of  spyware  sites,  which  meant  we 
saw  the  spyware  site  without  worrying  about  infection.  It 
doesn’t  support  SNMP  alerts.  Blue  Coat  also  sent  us  a  copy 
of  WinProxy  Secure  Site  6.0,  a  software-based  gateway 
product  that  blocks  spyware  via  its  anti-virus  and  URL  fil¬ 
tering  features.  WinProxy  is  intended  for  smaller  networks. 

Aladdin’s  eSafe  turned  aside  88%  of  the  spyware  in  our 
tests.  Using  a  five-pronged  approach  to  identify  spyware,  it 
inspects  vendor  ActiveX  digital  signatures,  looks  for  attempts 
to  exploit  security  holes,  matches  executable  signatures  to 
those  of  known  spyware,  notes  references  to  known  spy- 
ware  Web  sites  (via  URL  or  IP  address)  and  detects  attempts 
by  spyware  to  communicate  with  spyware  sites.  ESafe  not 
only  prevents  the  installation  of  unsolicited  software  on 
PCs,  it  points  out  to  administrators  those  already-infected 
PCs  that  are  trying  to  send  data  back  to  spyware  vendors.  Its 
comprehensive  and  detailed  log  file  tells  what  spyware  was 
blocked,  what  spyware  technique  was  used  and  what  Web 
site  it  came  from.  ESafe’s  user  interface  is  thoughtfully 
designed,  and  it  integrates  with  a  network  management  sys¬ 
tem  via  syslog  entries  or  SNMP  alerts. 

Trend  Micro’s  OfficeScan  Anti-Spyware  Suite  and 
InterScan  Anti-Spyware  Suite  are  a  matched  pair. 
InterScan,  acting  as  the  first  line  of  defense  against  spy- 
ware,  is  gateway  software  that  is  installed  on  a  dual-NIC  PC 
sitting  at  an  Internet  connection  point.  In  contrast, 
OfficeScan  is  a  client/server  anti-spyware  tool  that  runs  on 
desktop  and  server  PCs  and  that  has  a  central  browser- 
accessible  management  console.  Together,  InterScan  and 
OfficeScan  foiled  86%  of  spyware  in  our  tests. Trend  Micro 
uses  a  signature  file  to  identify  spyware. 

InterScan  contains  two  components:  InterScan  Web 
Security  Suite  and  Trend  Micro  Damage  Cleanup  Services. 
Together,  these  block  inbound  spyware  from  known  spy- 
ware  sites,  block  outbound  transmissions  by  spyware, 
block  the  browsing  of  known  spyware  sites  and  even 
detect  spyware-infected  servers  and  clients.  Automatically 
and  without  installing  a  permanent  agent,  InterScan  sends 
Damage  Cleanup  Services  software  to  the  infected 
machine  for  quick  removal  of  the  miscreant.  InterScan  can 
send  SNMP  alerts  for  events  such  as  service  start-up/shut- 
down,  signature  file  update  and  spyware  blocked,  while 
OfficeScan  can  send  an  SNMP  alert  each  time  it  thwarts  a 
spyware  installation  attempt.  Both  InterScan  and 
OfficeScan  integrate  with  Cisco  routers  on  which  Network 
Admission  Control  is  enabled. 

OfficeScan  has  a  Windows-based  run-time  component 
that  detects  and  blocks  spyware  on  Windows  servers  and 
clients,  and  Trend  Micro  includes  ServerProtect  for  Novell 
NetWare  and  ServerProtect  for  Linux  to  block  spyware  on 
non-Windows  machines.  OfficeScan’s  Damage  Cleanup 
Services  component  removes  most  spyware  residue  from 
clients  and  renders  the  spyware  inactive.  The  OfficeScan 
central  browser-accessed  console  is  simple  and  straight¬ 
forward  to  use.  InterScan  and  OfficeScan  record  consider¬ 
able  detail  about  each  spyware  instance  encountered  and 

See  Spyware,  page  54 
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Product 

Omniquad  AntiSpy  Enterprise 
Version  3.3 

Web  Security  Suite-Lockdown 
Edition 

CounterSpy  Enterprise  Version 
1.5 

Spy  Sweeper  Enterprise 
Version  2.1 

Anti-Spyware  Enterprise  8.0i 

Vendor 

Tech  Assist 

www.toolsthatwork.com 

WebSense 

www.websense.com 

Sunbelt  Software 

www.sunbeltsoftware.com 

Webroot  Software 

www.webroot.com 

McAfee  www.mcafee.com 

Price 

$3  per  user. 

$50  per  user,  per  year. 

$135  for  five  seats,  $1,800  for 
100  seats,  $6,500  for  500  seats, 
$11,000  for  1 ,000  seats. 

$29.95  per  user  for  more  than 

10  users. 

$14  per  user  for  101  users. 

Pros 

Lots  of  scanning  options; 
removed  all  spyware  traces. 

Left  no  spyware  residue;  can 
prevent  installation  of  any  new 
executable. 

Excellent  reports;  removed  all 
spyware  residue. 

Excellent  user  interface;  highly 
scalable. 

Excellent  reports;  easy  client 
agent  deployment. 

Cons 

No  undelete  function. 

No  SNMP  alerts. 

No  SNMP  alerts. 

No  SNMP  alerts. 

Detected  only  76%  of  the 
spyware. 

Score 

4.1 

3.9 

3.7 

3.7 

3.6 

Product 

SurfControl  Enterprise  Threat 
Shield 

eTrust  PestPatrol  Corporate 
Edition  Version  5 

Packet  Hawk  Version  2.0 

FortiClient  Host  Security  2.0 

Anti-Virus  Client  Security  6.0 

Vendor 

SurfControl 

www.surfcontrol.com 

Computer  Associates 

www.ca.com 

Tangent  www.tangent.com 

Fortinet  www.fortinet.com 

F-Secure  www.f-secure.com 

Price 

For  1,001  users,  first  year  is 
$18,690  and  second  year  is 

$10,290. 

Starts  at  $39.95  per  seat. 

Starts  at  $1,500  plus  an  annual 
subscription  ($495  for  100 
desktops). 

$15.95  per  user. 

$72  for  10  licenses. 

Pros 

Drag-and-drop  visual  environ¬ 
ment  for  assigning  policies  to 
clients;  good  data  export  options. 

Flawless,  quick  installation  of 
agents  on  clients. 

Easy,  appliance-based  manage¬ 
ment  and  installation  of  clients 
agents;  good  user  interface. 

Implements  NAT  and  can  be  an 
IPSecVPN  client. 

Removed  all  spyware  residue. 

Cons 

No  SNMP  alerts;  did  not 
remove  all  spyware  residue. 

No  SNMP  alerts. 

No  SNMP  alerts. 

No  SNMP  alerts. 

Uses  lots  of  memory. 

Score 

3.6 

3.5 

3.5 

3.2 

3.2 

Product 

Ad-Aware  SE  Enterprise  2005  Edition 

EnterpriSecure  with  TruPrevent 
Technology 

Microsoft  Windows  AntiSpyware 
(Beta) 

Spyware  Defense  Version  1.3 

Vendor 

Lavasoft  AB  www.lavasoft.com 

Panda  Software 

www.pandasoftware.com 

Microsoft  www.microsoft.com 

Ashanti  PLC 

www.spywaredefense.com 

Price 

From  $22  to  $32  per  seat. 

$3,000  for  50  users. 

Free. 

Single  user  $29.99,  LAN  user  (more 
than  15)  $20.99,  (Five  to  15)  $25.99,  (Five) 
$29.99. 

Pros 

Client  agents  install  automatically  and 
silently. 

Good  central  control  of  spyware 
scanning  and  agent  deployment. 

Removes  all  spyware  residue. 

Removed  all  spyware  residue. 

Cons 

No  SNMP  alerts;  more  oriented  to 
technical  users  than  the  other  products. 

Reports  need  more  detail  and  better 
selection  criteria;  uses  lots  of  memory. 

Requires  lots  of  user  intervention  for 
each  spyware  instance  detected; 
currently  lacks  a  central  console. 

Manual  deployment  of  client  agents; 
manual  updates  of  spyware  definition 
file;  no  SNMP  alerts;  removed  only  72% 
of  test  spyware. 

Score 

3.2 

3.2 

2.7 

2.6 

The  Breakdown 

Identifying  and  thwarting 
spyware  40% 

Reports  and  alerts  20% 

Installation  and 
deployment  20% 

Ease  of  use  10% 

Documentation  10% 

Total  score 

Ornniquad  AntiSpy  Enterprise  Version  3.3 

4 

5 

4 

4 

3 

4.1 

Web  Security  Suite-Lockdown  Edition 

4 

4 

4 

4 

3 

3.9 

CounterSpy  Enterprise  Version  1.5 

4 

3 

4 

4 

3 

3.7 

Spy  Sweeper  Enterprise  Version  2.1 

4 

3 

4 

3 

4 

3.7 

Anti-Spyware  Enterprise  8.0i 

3 

4 

4 

4 

4 

3.6 

SurfControl  Enterprise  Threat  Shield 

3 

4 

4 

5 

3 

3.6 

eTrust  PestPatrol  Corporate  Edition  Version  5 

3 

4 

4 

4 

3 

3.5 

Packet  Hawk  Version  2.0 

3 

3 

5 

4 

3 

3.5 

FortiClient  Host  Security  2.0 

3 

3 

4 

3 

3 

3.2 

Anti-Virus  Client  Security  6.0 

3 

3 

4 

3 

3 

3.2 

Ad-Aware  SE  Enterprise  2005  Edition 

3 

3 

4 

3 

3 

3.2 

EnterpriSecure  with  TruPrevent  Technology 

3 

3 

4 

3 

3 

3.2 

Windows  AntiSpyware  (Beta) 

3 

3 

2 

3 

2 

2.7 

Spyware  Defense  Version  1.3 

3 

3 

2 

2 

2 

2.6 

Scwiig  Key:  5:  Exceptional:  4:  Very  good:  3:  Average:  2:  Below  average:  1:  Subpar  or  not  available 
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How  to  identify  spyware 

Anti-spyware  products  identify  spyware  by  recognizing  executable  files,  by 
noting  that  a  PC  is  attempting  to  access  a  known  spyware  Internet  site  or 
by  detecting  that  a  computer  program  is  making  inappropriate  changes  to 
the  Windows  registry.  Vendors  find  themselves  “chasing”  spyware  by  react¬ 
ing  to  new  spyware  instances  and  new  spyware  behaviors  as  they  emerge. 
We'd  like  to  see  anti-spyware  vendors  take  a  pre-emptive  approach  that 
allows  better  than  90%  success  at  catching  spyware. 


Spyware 
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can  present  that  data  in  a  variety  of  helpful 
reports. 

Client/server  systems 

Stopping  spyware  at  the  gateway  might 
not  be  enough,  especially  if  users  bring  free¬ 
ware  or  shareware  into  the  office. You  might 
need  to  run  an  anti-spyware  tool  directly  on 
client  PCs  and  servers.  Also  note  that  using 
both  gateway  and  client/server  products 
can  potentially  increase  your  success  rate  at 
avoiding  spyware. 

WebSense  Web  Security  Suite-Lockdown 
Edition  squashed  88%  of  our  test  spyware. 
It  distinguishes  spyware  by  Secure  Hash 
Algorithm-based  signatures,  computer  pro¬ 
gram  name,  URL  and  IP  address  access. 
Web  Security  Suite-Lockdown  also  detects 
infected  PCs  by  noting  —  and  blocking  — 
attempts  by  spyware  to  send  information 
back  to  a  known  spyware  URL  or  IP 
address.  It  also  can  thwart  peer-to-peer  file 
sharing,  such  as  is  commonly  used  by 


music  download  services.  Clients  use 
about  12M  bytes  of  RAM  and  leave  no 
residue  following  a  spyware  removal  oper¬ 
ation.  An  administrator  can  configure  Web 
Security  Suite-Lockdown  to  prevent  the 
installation  of  any  executable  files  on  a  PC, 
thus  giving  some  assurance  that  the  PC  will 
run  only  approved  software.  It  doesn’t  yet 
integrate  via  SNMP  with  a  network  man¬ 
agement  system. 

Using  a  signature  file  to  spot  spyware, 
Tech  Assist’s  Omniquad  AntiSpy  Enterprise 
eliminated  86%  of  our  test  spyware. 
Omniquad  AntiSpy  Enterprise’s  central 
console  offers  both  quick  scans  and  com¬ 
plete  scans.  Quick  scans,  which  look  at 
running  processes  and  other  readily 
accessed  system  data,  take  seconds  to  run. 
Complete  scans,  which  additionally  search 
for  spyware  files  and  inspect  the  Windows 
registry  can  take  a  few  minutes.  Client 
agents  can  be  left  resident  in  memory, 
where  they  catch  spyware  in  real  time. 
Ominquad  AntiSpy  Enterprise  deploys 
client  agents  easily  and  automatically  from 
the  central  console.  The  console  compo¬ 


nent  stores  configuration  and  policy  data 
in  Active  Directory,  and  it  can  emit  SNMP 
alerts  when  spyware  events  occur. 
Omniquad  AntiSpy  Enterprise  removed  all 
spyware  residue,  including  files  and  reg¬ 
istry  entries,  in  our  tests. 

Sunbelt  Software’s  CounterSpy  Enterprise 
aced  86%  of  the  spyware  we  threw  at  it.  It 
recognizes  spyware  via  its  file  of  MD5  hash 
signatures  as  well  as  what  Sunbelt  calls 
Active  Protection  —  the  detection  of 
changes  to  the  registry  system  files  and  sys¬ 
tem  start-up  list.  Each  CounterSpy  Enterprise 


Update  frequency  ** 


agent’s  memory  footprint  is  about  15M 
bytes.  Because  Sunbelt  established  a  busi¬ 
ness  relationship  with  Giant  Company 
Software,  now  owned  by  Microsoft,  Sunbelt 
gets  the  same  spyware  definitions  that 
Microsoft  uses  in  its  new  Windows 
AntiSpyware  tool.  With  its  Crystal  Reports 
run-time  module,  CounterSpy  Enterprise 
produces  detailed,  helpful  reports  orga¬ 
nized  by  client,  by  spyware  instance  or  by 
date  range.  It  left  no  spyware  residue  in  our 
tests,  and  its  central  console  has  an  intu¬ 
itively  easy-to-use  interface.  CounterSpy 
Enterprise,  however,  doesn’t  do  SNMP  alerts. 

Webroot  Software’s  Spy  Sweeper 
Enterprise  cleaned  up  85%  of  our  test  spy- 
ware.  It  uses  a  signature  file  plus  the  detec¬ 
tion  of  file,  memory  and  registry  alterations 
to  recognize  spyware.The  central  console’s 
user  interface  is  especially  well  designed 
and  easy  to  navigate.  Client  agent  memory 
usage  is  about  12M  bytes,  and  each  client 
logs  spyware  events  on  the  client  in  addi¬ 
tion  to  sending  event  notifications  to  the 
server.  Spy  Sweeper  Enterprise  left  some 
harmless  data  file  residue  in  our  tests.  The 
Spy  Sweeper  Enterprise  server  consists  of 
administrative  console,  database,  spyware 
definition  updater  and  client  agent  manag¬ 
er,  with  each  component  able  to  run  on 
separate  computers  for  the  sake  of  scala¬ 
bility.  It  doesn’t  yet  transmit  SNMP  alerts. 

SurfControl  Enterprise  Threat  Shield  dis¬ 
abled  82%  of  the  test  spyware.  Threat 
Shield’s  central  console  automatically 
deploys  client  agents  down  to  PCs,  and  each 
agent  refers  to  the  central  console’s  spyware 
definition  database  to  validate  incoming 
executable  files.The  spyware  definitions  are 
the  signatures  of  known  malware.  The  cen¬ 
tral  console  gives  administrators  a  drag  and- 
drop  visual  environment  for  applying  anti¬ 
spyware  policies  to  individual  PCs  or  a 
named  group  of  PCs.  Each  policy  consists  of 
elements  such  as  executable  file  signatures 
or  wild-card-based  range  of  system  file 
names.  The  administrator  chooses  the 
action  to  take  when  a  spyware  event 
occurs,  from  deleting  the  culprit  to  notifying 
the  administrator.  Threat  Shield’s  reports, 
which  are  easily  customized,  show  views 
based  on  trends,  violations  or  aggregate  spy- 
ware  activity  An  administrator  can  choose 
to  export  report  data  as  Adobe  Acrobat  PDF 
Microsoft  Word  or  Excel  files.  Threat  Shield 
is  especially  frugal  with  client  memory 
Depending  on  the  policies  and  spyware 
See  Spyware,  page  56 


Accuracy,  classification  and  updates 


Product 


Success 

Rate 


Spyware  instances  recognized  * 


Secure  Content  Management  Appliance 

4.0  (Secure  Web  Gateway  model  3300) 

90% 

Uses  malware  detection  scheme  plus  signatures  to  block  spyware  proactively. 

Daily 

ESafe  version  5 

88% 

Uses  malware  detection  scheme  plus  signatures  to  block  spyware  proactively. 

On  average,  three  times 
a  week 

WebSense  Web  Security  Suite-Lockdown 
Edition 

88% 

24,000  spyware  instances,  plus  over  119,000  spyware-associated  Web  sites 

Daily 

CounterSpy  Enterprise  Version  1.5 

86% 

75,492  traces  and  approximately  7,531  threats 

At  least  once  a  week  but 
usually  twice  a  week 

InterScan  Anti-Spyware  Suite 

86% 

More  than  32,000 

Hourly 

OfficeScan  Anti-Spyware  Suite 

86% 

More  than  32,000 

Hourly 

Omniquad  AntiSpy  Enterprise  Version  3.3 

86% 

55,010 

Daily 

Spy  Sweeper  Enterprise  2.1 

85% 

100,087 

Twice  weekly 

eTrust  PestPatrol  Corporate  Edition  v5 

82% 

27,902  unique  variants 

At  least  once  weekly 

Spyware  Interceptor 

82% 

6,980  spyware  sources  (inbound  URLs)  and  5,530  spyware  effects  (outbound 
URLs).  2,358  spyware  IP  addresses,  4,240  unique  spyware  instances. 

At  least  six  times  a  day 

SurfControl  Enterprise  Threat  Shield 

82% 

Over  12,000  unique  spyware  files,  over  25,000  games,  over  1,200  P2P  files  and 
over  850  instant  messaging  files. 

At  least  weekly 

Packet  Hawk  Version  2.0 

81% 

22,000 

Weekly 

Microsoft  AntiSpyware 

80% 

Confidential 

User-settable 

Ad-Aware  Professional 

78% 

41,785 

On  start-up 

Anti-Virus  Client  Security  6.0 

78% 

35,000  spyware  signatures  (3,000  to  4,000  variants  belonging  to  600  families). 

Twice  daily,  on  average 

EnterpriSecure  with  TruPrevent  Technology 

78% 

Vendor  says,  "We've  been  developing  signatures  against  this  type  of  threat  for 
years,  so  it  is  comprehensive." 

At  least  daily 

FortiClient  2.0 

CO 

NO 

ON 

More  than  3,200 

Whenever  vendor 
creates  new  signatures 

McAfee  Anti-Spyware  Enterprise  8.0i 

76% 

More  than  4,580  spyware  instances 

Daily 

Spyware  Defense  VI  .3 

72% 

1,114 

Once  a  week 

’  Some  anti-spyware  vendors  count  every  variation  of  a  spyware  instance,  while  other  vendors  simply  count  a  spyware  instance  and  variations  of  that  same  instance 
as  a  single  entity.  The  anti-spyware  industry  needs  to  develop  and  promote  some  standards  for  what  constitutes  a  spyware  entity. 

"  All  the  products  allow  administrators  to  manually  request  spyware  definition  file  updates  at  any  time. 


Scott  hates  us. 


And  our  customers  couldn’t  be  happier.  Scott's  a  hacker  and  it’s  our  job  to  make 
his  job  impossible.  We're  Sophos,  a  global  leader  in  network  security  for  business. 


Over  106,000  viruses  want  inside  your  network.  The  number  is  growing  — and  so  is 
the  severity  of  attacks.  Sophos  knows  how  to  stop  them.  Our  proven  solutions  defend 
against  viruses,  spam,  worms,  Trojans  and  spyware.  In  fact,  Sophos  Anti-Virus  is 
100%  Checkmark  certified  for  spyware.  Join  the  35  million  business  users  in  150 
countries  who  depend  on  our  technology,  expertise  and  acclaimed  customer  support. 

FREE  expert  resources  on  spyware  at  stopthethreat.com.  Sophos  proven 
integrated  threat  management  solutions  address  your  network’s  protection,  performance, 
productivity  and  policy  enforcement  challenges.  Download  free  analyst  reports,  online 
seminars,  case  studies  and  white  papers,  including  Wiping  out  spyware  through 
integrated  threat  management,  at  stopthethreat.com  today. 

SOPHOS 

anti-virus,  anti-spam,  spyware 
and  email  policy  for  business 


Free  downloads  and  the  chance  to  win  at  stopthethreat.com  ENTER  PIN:  2ebcb7 


Checkmark 
Spyware  Certification 
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The  Microsoft  factor 

Microsoft  obtained  Windows  AntiSpyware,  which  is  still  in  beta  test,  when 
it  purchased  Giant  Company  Software.  Windows  AntiSpyware  detected 
80%  of  our  test  spyware.  When  it  finds  spyware,  Windows  AntiSpyware  pre¬ 
sents  the  administrator  with  a  list  of  threats  found,  details  about  each  threat 
and  recommendations  for  resolving  each  threat.  At  the  administrator's 
behest,  Windows  AntiSpyware  removes  every  vestige  of  a  spyware  instance. 
Like  Omniquad  AntiSpy  Enterprise,  Windows  AntiSpyware  can  do  a  quick  or 
full  scan.  Microsoft  says  the  product  will  have  a  central  console  in  the  future. 
The  Windows  AntiSpyware  beta  test  period  is  to  conclude  by  year-end. 
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definition  file  used  by  a  client,  the  agent 
takes  up  220K  to  750K  bytes.  Threat  Shield 
left  a  small  amount  of  residue  —  a  couple 
of  harmless  data  files  —  after  some  spyware 
removal  actions.lt  doesn’t  emit  SNMP  alerts. 

Running  on  Internet-connected  servers 
and  clients,  Computer  Associates’  eTrust 
RestPatrol  rid  our  computers  of  82%  of  the 
test  spyware.  ETrust  RestPatrols  automatic 
installation  of  agents  onto  desktops  worked 
flawlessly  and  quickly  Through  the  well- 
designed  central  console,  we  easily 
launched  scans  on  demand,  at  times  we 
scheduled  or  when  users  logged  on  to  the 
network.  When  an  eTrust  RestPatrol  agent 
discovered  spyware.it  generated  an  alert  on 
the  central  console,  logged  the  event  and  let 
us  remove  the  spyware  with  a  mouse  click. 
ETrust  RestPatrol  recognizes  spyware  via  a 
signature  file  and  by  URL/IP  address.  It  fas¬ 
tidiously  removed  every  vestige  of  spyware 
residue,  including  registry  entries.  ETrust 
FtestPatrol’s  reports  can  be  grouped  by  user, 
by  date/time  or  by  spyware  instance  name. 
ETrust  RestPatrol  uses  about  20M  bytes  of 
RAM  on  each  protected  computer  if  its 
Active  Protection  feature  is  enabled.lt  does¬ 
n’t  send  SNMP  alerts. 

Tangent’s  Packet  Hawk  is  a  network  appli¬ 
ance,  but  it’s  not  a  gateway  Rather,  it  con¬ 
tains  a  management  console  and 
client/server  anti-spyware  agents  that  it 
automatically  distributes  across  a  Windows- 
based  network.  In  our  tests,  it  recognized 
and  discarded  81%  of  the  test  spyware.  The 
unit  is  a  1U  rack-mounted  computer  pre- 
loaded  with  Windows  and  the  Packet  Hawk 
software.  Installation  consists  of  connecting 


the  unit  to  a  switch  or  hub,  powering  it  up, 
giving  it  an  IP  address  and,  in  an  Active 
Directory  environment,  setting  up  a 
domain  account  the  device  can  use  to  log 
onto  the  network.The  setup  process  is  well 
documented,  but  Tangent  offers  new  cus¬ 
tomers  Quick  Start  free  remote  setup  sup¬ 
port.  On  desktop  PCs  or  servers,  Packet 
Hawk’s  scans  automatically  find,  remove 
and  block  spyware,  adware,  pop-ups,  mal¬ 
ware,  games,  instant  messaging  clients  and 
peer-to-peer  tools.  The  console’s  user  inter¬ 
face  is  simple  and  incorporates  numerous 
wizards  for  stepping  through  configuration 
tasks  such  as  scheduling  updates.  Packet 
Hawk  doesn’t  emit  SNMP  alerts.  Tangent 
targets  various  models  of  Packet  Hawk  at 
networks  of  100  to  5,000  clients. 

F-Secure’s  Anti-Virus  Client  Security  is 
based  on  Lavasoft’s  Ad-Aware  product.  It 
zapped  78%  of  our  test  spyware  and  did  an 
excellent  job  of  removing  every  trace  of 
spyware  residue,  including  files,  registry 
entries  and  system  start-up  list  entries.  It  is 
painless  to  install  and  deploy,  easy  to  use 
and  tracks  useful  details  about  spyware 
intrusion  attempts,  such  as  list  of  spyware 
files,  spyware  name  and  classification, 
removal  actions  taken,  date,  time  and  file 
path.  Anti-Virus  Client  Security  recognizes 
spyware  via  signature,  Windows  registry 
keys,  start-up  list  entries,  file  association 
changes  and  application  hijacking  efforts. 
Its  memory  footprint  is  47M  bytes,  and  Anti- 
Virus  Client  Security  can  send  SNMP  alerts 
to  a  network  management  system  such  as 
HP  OpenView. 

Like  its  close  cousin,  Anti-Virus  Client 
Security,  Lavasoft  AB’s  Ad-Aware  SE 
Enterprise  2005  Edition  successfully 
detected  and  eliminated  78%  of  the  test 


spyware.  Ad-Aware  uses  signatures,  registry 
alteration  attempts  and  references  to 
known  spyware  URLs/IP  addresses  to  iden¬ 
tify  spyware,  and  it  even  has  a  useful  facili¬ 
ty  for  adding  entries  to  the  spyware  URL/IP 
address  list  that  we  used  to  single  out  mal¬ 
ware  sites  we  discovered.  Using  Ad-Aware’s 
central  console,  called  Ad-Axis,  we  could 
automatically  distribute  Ad-Aware  clients 
across  our  network,  without  having  to  visit 
remote  sites,  and  scheduling  spyware 
scans  is  easy  with  Ad-Aware’s  no-nonsense 
user  interface.  Less  useful  is  Ad-Aware’s 
Process-Watch  component,  which,  like 
Windows  Task  Manager,  shows  currently 
running  processes  and  lets  you  stop  them. 
With  features  such  as  viewing  or  saving 
memory  images  in  hexadecimal  display 
format,  Process-Watch  is  too  technical  for 
the  average  business  user.  Ad-Aware  does¬ 
n’t  transmit  SNMP  alerts. 

Panda  Software’s  EnterpriSecure  with 
TruPrevent  Technology  gave  78%  of  our 
test  spyware  the  boot.  Like  Anti-Spyware 
Enterprise,  Panda’s  EnterpriSecure  is  pri¬ 
marily  an  anti-spyware  tool  integrated  with 


an  anti-virus  product.  Banda  supplies  its 
anti-spyware  module  as  part  of  a  collec¬ 
tion  of  anti-virus  products  for  specific  envi¬ 
ronments,  such  as  Samba,  Exchange, 
Domino,  Sendmail,  Qmail  and  file  servers. 
TruPrevent  Technology  identifies  spyware 
via  signatures  and  what  Panda  terms 
“heuristic  scans  and  behavior  analysis”  — 
examining  an  executable  file  for  embed¬ 
ded  known  spyware  URLs  and  IP  address¬ 
es  and  monitoring  a  program’s  execution 
for  registry,  file  or  system  modification. 
EnterpriSecure’s  central  console  gives 
administrators  full  control  of  anti-spyware 
and  anti-virus  scanning  and  agent  deploy- 
ment.The  EnterpriSecure  reports  were  use¬ 
ful,  but  we  wished  they  contained  more 
detail  about  spyware  removal  events. 
EnterpriSecure  uses  from  30M  to  40M  bytes 
of  RAM,  depending  on  how  many  of  its 
options  you  enable.  It  leaves  no  spyware 
residue  after  a  removal  effort,  and  while  it 
doesn’t  emit  SNMP  alerts,  EnterpriSecure 
can  respond  to  SQL  requests  with  removal 
event  information  if  you  don’t  mind  doing 
See  Spyware,  page  58 


NetResults  ANTI-SPYWARE  GATEWAYS 


Product 

Secure  Content  Management  Appliance 
4.0  (Secure  Web  Gateway  model  3300) 

OfTiceScan  Anti-Spyware  Suite  and 
InterScan  Anti-Spyware  Suite* 

eSafe  Version  5* 

Spyware  Interceptor 

Vendor 

Price 

Pros 

McAfee  www.mcafee.com 

Trend  Micro  www.trendmicro.com 

Aladdin  Knowledge  Systems 

www.aladdin.com 

Blue  Coat  Systems 

www.bluecoat.com 

$12,995  plus  $10.09  per  user  (501  to  1,000 
users)  base  license  plus  $13.25  per  user 
(501  to  1,000  users)  Web  Filtering  module 
license. 

For  1,001  users,  InterScan  Anti-Spyware 
Suite  is  $11.87  per  user  and  Off  iceScan 
Anti-Spyware  Suite  is  $22.26  per  user. 

$6,250  for  100  users,  $23,750  for  1,000 
users  (includes  URL  filtering). 

From  $3.99  per  user,  per  year  to  $11.66 
per  user  per  year. 

High  detection  success  rate;  easy 
installation. 

Integrates  with  Network  Access 
Control-enabled  Cisco  routers. 

Excellent  reports;  removed  all  spyware 
residue. 

Easy,  quick  installation. 

Cons 

URL  filtering  should  be  a  standard 
feature,  not  optional. 

OfficeScan's  scans  were  slower  than 
those  of  the  other  products. 

No  SNMP  alerts. 

Powering  on  the  appliance  disrupts  the 
network  for  a  few  moments. 

Score 

4.4 

4.0 

3.5 

3.4 

The  Breakdown  Identifying  and  thwarting 

spyware  40%  Reports  and  alerts  2094  j 

Installation  and 
deployment  2094 

Ease  of  use  1094 

Documentation  1094  Total  score 

Secure  Management  Appliance  4.0  (Secure  Web  Gatewafy  model  3300)  5  3 

5 

4 . 

4  4.4 

OfTiceScan  Anti-Spyware  Suite  and  InterScan  Anti-Spyware  Suite  4  :  4 

4 

4  4.0 

eSafe  Version  54  3 

3 

4 

3  3.5 

Spyware  Interceptor  3  3 

Swrag  Kiy.  5:  Exceptional;  4:  Very  good;  3:  Average;  2:  Below  average;  1:  Subpar  or  not  available 

5 

3  3  3.4 

*Software-based  gateways 

YOUR  JOB  IS  TO  KEEP  SYSTEMS  AND  APPLICATIONS  RUNNING. 
OUR  MISSION  IS  TO  KEEP  PEOPLE  AND  INFORMATION  CONNECTED. 

LET’S  WORK  TOGETHER. 


For  years,  companies  around  the  world  have  turned  to  SunGard  to  restore  their 
systems  when  something  went  wrong.  So,  it’s  not  surprising  that  they’re  now 
turning  to  us  to  mitigate  risk  and  make  sure  they  never  go  down  in  the  first  place. 

You  want  your  network  and  systems  to  always  be  up  and  running.  We  want  the 
same  thing.  Let’s  get  together.  To  learn  more,  visit  www.availability.sungard.com  or 
call  1-800-468-7483. 


SUNGARD 


Keeping  People 
and  Information 
Connected 7 


fTM 


Continuous  access  to  information  no  matter  what.  That's  Information 
Availability.  It’s  what  your  employees,  suppliers  and  customers  demand  every 
minute  of  every  day.  But  to  deliver  it  flawlessly,  you  need  a  massive  global 
infrastructure,  redundant  systems  and  diverse  networks  being  monitored  and 
supported  by  skilled  technical  experts  at  secure  facilities.  That’s  exactly  what 
SunGard  provides. 

As  a  result,  we  can  offer  you  a  higher  level  of  availability  and  save  your 
company,  on  average,  25%*  versus  building  the  infrastructure  yourself.  Plus, 
it’s  a  vendor  neutral  solution  that  lets  you  control  your  data,  applications  and 
network  while  giving  you  the  flexibility  to  adjust  to  the  changing  needs  of  your 
business.  But  best  of  all,  it  lets  you  spend  more  time  solving  business  problems 
and  less  time  solving  technical  problems. 


’Potential  savings  based  on  iGC  White  Paper.  Ensuring  Information  Availability:  Aligning  Customer  Needs  with  an  Optimal  Investment  Strategy. 
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a  little  custom  programming  in,  say, Visual  Basic. 

Forti  net’s  FortiClient  Host  Security  is  an  anti-virus  and  anti¬ 
spyware  personal  firewall.  It  can  act  as  an  IPSec  VPN  client, 
and  the  firewall  implements  Network  Address  Translation. 
FortiClient  killed  78%  of  the  spyware  in  our  tests.  To  detect 
malware,  FortiClient  monitors  the  registry  for  alterations, 
notes  unwanted  additions  to  the  Windows  start-up  list  and 
matches  incoming  over-the-wire  executable  files  against  a 
signature  file.  It  offers  centralized  policy  management,  and 
the  central  console  can  automatically  deploy  FortiClient 
agents  across  a  network  of  Windows-based  machines.  Pre¬ 
configuring  and  distributing  agents  took  just  a  few  moments 
to  accomplish.  FortiClient  consumes  20M  to  35M  bytes  of 
RAM.  Turning  on  all  options  (anti-virus,  firewall,  signature 
recognition  and  registry/start-up  list  monitoring)  sets  the 
high  water  mark.  FortiClient  leaves  no  spyware  residue  on 
protected  machines.  It  doesn’t  emit 
SNMP  alerts. 

McAfee’s  Anti-Spyware  Enterprise  did 
away  with  76%  of  our  test  spyware.  It  and 
VirusScan  Enterprise  are  a  matched  set, 
with  Anti-Spyware  Enterprise  adding 
registry  scanning,  file  scanning,  memory 
process  scanning  and  spyware  removal 
to  the  VirusScan  Enterprise  anti-virus 
agent.  The  combined  agent  uses  only 
about  10M  bytes  of  RAM.  McAfee’s 


eFblicy  Orchestrator  provides  the  central  console  for  both 
VirusScan  Enterprise  and  Anti-Spyware  Enterprise. The  anti¬ 
spyware  component  knows  spyware  (what  McAfee 
euphemistically  terms  Potentially  Unwanted  Programs,  or 
PUPs)  by  signature  and  by  suspicious  registry  file  and  mem¬ 
ory  modifications.  Anti-Spyware  Enterprise  removed  all  our 
test  spyware  executable  files,  but  did  leave  the  occasional 
harmless  .dat  file  or  registry  entry  on  our  clients.  Deploying 
agents  across  a  Windows-based  network  is  automatic  and 
quick,  and  the  eFblicy  Orchestrator  central  console  pro¬ 
duces  a  wealth  of  detailed,  graphical  reports.  EFblicy 
Orchestrator  can  send  SNMP  alerts. 

Ashanti’s  Spyware  Defense  fared  the  worst  in  our  spy- 
ware  removal  tests,  detecting  only  72%  of  the  spyware. 
Moreover,  it  forced  us  to  visit  each  client  to  manually 
install  its  agents,  and  its  spyware  definition  updates  also 
were  entirely  manual.  SpywareDefense  identifies  spyware 
by  file  name,  directory  path  or  wild-card  filename  mask. 
Clients  consume  about  22M  bytes  of  FtAM,  and  Spyware 
Defense  does  not  emit  SNMP  alerts.  It 
does  have  a  central  console  for  initiat¬ 
ing  client  scans  and  requesting  spyware 
definition  downloads.  Spyware  Defense 
left  no  residue  behind  after  our  tests. 

Conclusion 

We  recommend  taking  a  close  look  at 
McAfee’s  Secure  Web  Gateway  which 
excels  at  keeping  spyware  from  getting 
onto  the  network  in  the  first  place.  If  you 


need  the  additional  security  of  anti-spyware  running 
directly  on  the  desktop  or  on  a  server,  TechAssist’s 
Omniquad  AntiSpy  Enterprise  or  WebSense’s  Web  Security 
Suite-Lockdown  Edition  are  likely  just  what  the  doctor 
ordered. 

Nance  mns  Network  Testing  Labs  and  is  the  author  of 
Introduction  to  Networking,  4th  Edition  and  Client/Server 
LAN  Programming.  He  can  be  reached  at  barryn 
@erols.com. 


Lab  Alliance 


■  Nance  also  is  a  member  of  the  Network  World  Lab  Alliance,  a 
cooperative  of  the  premier  testers  in  the  network  industry,  each 
bringing  to  bear  years  of  practical  experience  on  every  test.  For 
more  Lab  Alliance  information,  including  what  it  takes  to  become 
a  partner,  go  to  www.networkworld.com/alliance. 

Other  members:  Mandy  Andress,  ArcSec;  John  Bass,  Centennial 
Networking:  Travis  Berkley,  University  of  Kansas;  Jeffrey  Fritz, 
University  of  California,  San  Francisco;  James  Gaskin,  Gaskin 
Computing  Services;  Thomas  Henderson,  ExtremeLabs; 

Miercom,  network  consultancy  and  product  test  center; 

Christine  Perey,  Perey  Research  &  Consulting;  David  Newman, 
Network  Test;  Thomas  Powell,  PINT.  Joel  Snyder,  Opus  One; 
Rodney  Thayer,  Canola  &  Jones. 
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Test  methodology 

In-depth  details  of  our  anti-spyware  test¬ 
bed  and  methodology. 

DocFinder:  8827 


Preparing  IT  professionals  for  success.  Victory  laps  optional 


E-Learning  is  the  ultimate  online  learning  tool.  It’s  all  yours  24  hours  a  day,  7  days  a  week,  and  it 
will  give  you  everything  you  need  to  conquer  even  the  toughest  IT  challenge.  Give  e-Learning  a 
try  and  we’ll  teach  you  everything  we  know.  Visit  www.transcender.com  or  all  1  -866-  39-8765. 


Transcender 


©  2005  Kaplan  IT,  Inc.  All  rights  reserved.  TRANSCENDER®  Kaplan  IT,  Inc.  All  rights  reserved 
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E-MAIL  NEWSLETTER  SHOWCASE:  Outsourcing 

Reviewing  the  security  aspect  of  outsourcing 


BY  DAN  TWING 

While  service  levels  and  costs 
get  the  most  attention  during  con¬ 
tract  negotiations  between  out¬ 
sourcing  vendors  and  user  organi¬ 
zations,  security  is  a  responsibility 
that  should  not  be  taken  lightly  A 
significant  security  responsibility 
lies  with  every  company  —  to  pro¬ 
tect  customer  and  employee  data, 
to  ensure  the  continuity  of  the 
business  and  to  protect  the  intel¬ 
lectual  property  assets  of  the  com¬ 
pany  Each  can  be  put  at  risk  in  an 
outsourcing  relationship  if  not 
properly  addressed  contractually 
and  operationally 

The  outsourcing  contract  be¬ 
comes  critically  important  for  out¬ 
lining  security  responsibilities 
and  penalties  for  breaches.  To 
properly  address  security  in  a  con¬ 
tract,  a  review  team  should  ana¬ 
lyze  each  business  process  that 
will  be  affected  by  the  proposed 
outsourcing.  This  review  should 
consider  the  various  risks  that 
could  affect  each  business  pro¬ 
cess,  and  provide  a  channel  to 
raise  issues  to  the  senior  decision¬ 
makers.  Examples  of  risk  to  be 
considered  include: 

•  Exposure  of  a  company’s  sen¬ 
sitive  and  critical  information. 

•  Exposure  of  customer  or  em¬ 
ployee’s  personal  information. 

•  Exposure  of  a  company’s  intel¬ 
lectual  property  such  as  source 
code,  patented  processes. 

•  Relocation  of  IT  equipment 
from  a  known,  safe  environment 
to  an  unknown  environment. 

•  No  direct  control  over  the  ven¬ 
dor’s  recruitment  process. 

•  No  direct  control  over  busi¬ 
ness  continuity  issues  for  the  out¬ 
sourced  processes. 

Once  risks  are  identified,  con¬ 
trols  need  to  be  defined  to  miti¬ 
gate  and  manage  the  risks.  These 
controls  become  incorporated 
into  the  contract  by  defining  poli¬ 
cies,  roles  and  responsibilities, 
and  possibly  audits  and  penalties. 
These  statements  may  include: 

•  The  information  security  pol¬ 
icy  to  be  used. 
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Sign  up  for  this  or  any  of  Network 
World's  many  other  e-mail  newsletters. 

DocFinder:  1002 


•  Roles  and  responsibilities 
(client  and  outsourcing  provider). 

•  Mandatory  practices,  such  as 
access  control  processes,  backup 
and  recovery 

•  The  various  service  levels  for 


providing  confidentiality,  informa¬ 
tion  quality  and  recovery  from 
incidents. 

•  Rights  of  inspection  and  audit. 

•  Nondisclosure  and  noncom¬ 
pete  agreements  for  vendor 


employees. 

•  Venue  for  legal  disputes. 

•  Insurance  policies  required  of 
the  vendor. 

•  Penalties  for  breaches  of  secu¬ 
rity  policy 


Twing  is  vice  president  of 
Research  and  Consulting  Ser¬ 
vices  with  Enterprise  Manage¬ 
ment  Associates.  He  can  be 
reached  at  dtwing@enterprise 
management,  com. 


How  many  tools  do  you  use  to 
Certify,  Identify,  Configure  &  Document 
your  Ethernet  network? 

(That’s  too  many!) 

Introducing  Validator-NT 


The  All-in-One  Network  Management  Tool 


CERTIFY  individual  Ethernet  cable  runs  up  to 
1  Gigabit  Speed  per  IEEE802.3  specifications. 

Test  for  TIA568  Interconnect  problems.  Determine 
fault  locations,  cable  length  and  delay  or  noise 
conditions.  Produce  and  print  cable  test  schedules 
and  cable  test  results.  Qualify  lines  for  VoIP  usage. 


IDENTIFY  active  components  of  your  network  on 
the  other  end  of  the  cable.  Identify  all  types  of  equipment 
and  port  service  discovery  with  advertised  speed  ratings 
and  DHCP  negotiation.  Access  IP  addresses,  ping  equipment 
and  flash  hubs/switches  for  positive  port  location. 

CONFIGURE  links  between  nodes  at  Gigabit  speed. 

Check  IP  addresses  on  netmask,  Gateway/routers  and  domain 
name  servers.  Confirm  links  between  equipment  for  changes 
or  upgrades. 

DOCUMENT  the  network  with  the  included  powerful 
Plan-UnT  software.  Create  layouts  of  offices/premises  or  import 
existing  Visio/AutoCAD  drawings.  Show 
cables  and  equipment  they  connect  to  in 
physical  locations.  Print  out  layouts  and 
corresponding  Cable  Test  Schedules.  The  Network 
Tool  section  of  Plan-Urn'"  allows  you  to  create  a  complete 
topology  layout  of  the  network  for  on-site  reference,  showing 
connections,  equipment  and  cable  pathways.  You  can  add  notes  to  each 
component  of  the  network  for  future  add,  changes,  and  move  legacy  information. 


4"  color  LCD  screen 

Lithium/ion  battery 
provides  8  continuous 
hours  of  use 

Unlimited  flash 
card  memory 


TP'v-r.  r 


Powerful  Plan- Urn™ 
software  included 


Everything  you  need  to  Test,  Trace  and  Tune  your  Ethernet  Network. 


Test-Urn  Inc. 

The  Intelligent  Test  Solutions  Company 


in  the 

USA 


805-383-1500  •  FAX  805-383-1595  •  www.test-um.com 


HP  PROLIANT  BL20p  G3  BLADE  SERVER 


with  ProLiant  Essentials  Management  Software 

•  Up  to  2  Intel®  Xeon™  Processors  (3.60GHz/2MB)' 

■  High  density:  Up  to  48  servers  per  rack 

•  Flexible/Open:  Integrates  with  existing  infrastructure 

•  HP  Systems  Insight  Manager™:  Web-based  networked 
management  through  a  single  console 

•  Rapid  Deployment  Pack:  For  ease  of  deployment  and 
ongoing  provisioning  and  reprovisioning 

•  Integrated  Cisco  or  Nortel  switch  options 


Ut 


HP  STORAGEWORKS  MSA1500cs 


Get  2TB  of  Storage  Free  ($2,800  Value)2 

■  Up  to  24TB  of  capacity  (96  250GB  SATA  drives) 

■  Up  to  16TB  of  capacity  (56  300GB  SCSI  drives) 

•  Ability  to  mix  SCSI  and  Serial  ATA  enclosures 
for  greater  flexibility 

•  2GB/1GB  Fibre  connections  to  host 


Download  a  free  IDC  white  paper: 
Reducing  Total  Cost  of  Ownership 
Through  the  Use  of  Blade  Systems. 

. 

Save  $750  instantly 

on  a  blade  enclosure  solution? 

Sec  Web  site  for  details. 


The  HP  ProLiant  BL20p  G3  blade  server  with  the  Intel1'  Xeon™  Processor  simplifies  server  management.  In  fact,  it's 
so  simple,  you  can  even  manage  it  remotely  through  leading  Web  browsers  using  HP  iLO  technology.  And 
not  only  is  it  simple  to  manage,  it's  also  simple  to  monitor  and  set  up.  It  all  starts  with  the  Rapid  Deployment  Pack, 
giving  you  an  automated  setup  process  to  configure  and  deploy  servers  at  high  volume  and  a  rapid  pace. 
Then  HP  Systems  Insight  Manager™  gives  you  a  real-time  overview  of  system  performance,  even  alerting  you 
to  potential  problems  before  they  occur.  Plus,  you  can  bundle  it  with  the  HP  StorageWorks  MSA1500cs  to  make 
storing  your  data  simple,  scalable  and  affordable.  So  with  HP,  you  get  more  expertise  before  you  buy,  more 
technology  when  you  do  and  more  support  after.  Wherever  you  happen  to  be. 


1.  Intel’s  numbering  is  not  a  measurement  of  higher  performance.  2.  Receive  up  to  2TB  of  storage  free  with  purchase  of  HP  StorageWorks  Modular  Smart  Array  1500cs  devices.  Offer  valid  through  10/31/05. 3.  Save  $750  instantly  on  the  purchase  of  a  BladeSystem  pCIass  1U  power  enclosure  solution.  Offer  valid 
through  10/31/05.  All  offers  available  from  HP  Direct  and  participating  resellers.  Prices  shown  are  HP  Direct  prices,  are  subject  to  change  and  do  not  include  applicable  state  and  local  sales  tax  or  shipping  to  recipient's  destination.  Reseller  prices  may  vary.  See  Web  site  for  full  details.  Photography  may  not  accurately 
represent  exact  configurations  priced.  Associated  values  represent  HP  published  list  price.  Intel,  Intel  Inside,  the  Intel  Inside  Logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  ©2005  Hewlett-Packard  Development  Company,  L.P. 
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The  rise  of  the  IT  architect 

Demand  grows  for  leaders  who  can  take  a  broad  view  of  the  enterprise. 

BY  RYAN  DEBEASI 


The  position  of  IT  architect  has  become  increas¬ 
ingly  important  to  the  ever-changing  IT  industry, 
and  is  one  that  established  corporations  and  start¬ 
ups  are  seeking. The  job  requires  network  professionals 
to  acquire  new  skills,  and  it  could  provide  additional 
career  opportunities. 


As  IT  positions  become  more  specialized 
and  include  increasingly  detailed  responsi¬ 
bilities,  there’s  a  need  for  someone  who  can 
tie  several  silos  of  expertise  together,  says  A1 
Volvano,  a  product  manager  for  Microsoft’s 
Learning  Group.  Enterprise  architects  aren’t 
just  technology  experts;  they  are  leaders 
with  broad  IT  knowledge,  the  savvy  to  apply 
it  to  business  problems  and  the  communi¬ 
cation  skills  necessary  to  coordinate  the 
people  who  will  put  their  plans  into  action, 
says  Bill  Liguori,  senior  vice  president  and 
co-founder  of  the  placement  firm  Lead¬ 
ership  Capital  Group. 

Jim  Phelps,  a  senior  IT  architect  for  the 
University  of  Wisconsin’s  Department  of  IT, 
is  charged  with  assessing  the  effect  and  fit 
of  technologies,  and  aligning  technical 
solutions  with  the  university’s  IT  goals.  As 
he  describes  it,  the  position  requires 
“broad  vision  to  fly  at  30,000  feet  all  the 
time  but  drop  down  low  to  the  ground 
every  once  in  a  while  to  get  enough  de¬ 
tail.”  In  particular,  he  concentrates  on  col¬ 
laboration,  identity  management  issues 
and  integration  patterns. 

His  department  has  three  IT  architects 
and  he  says  there’s  talk  of  adding  one 
more.  “The  university  has  grown,  and  we 
wanted  to  deliver  integrated  services.  We 
don’t  want  students  to  have  to  go  to  the 
library  system  and  e-mail  system  and  cal¬ 
endar  system,”  Phelps  says.  “The  need  for 
someone  who  has  an  overview,  high-level 
vision  has  grown.” 

For  example,  he  recently  intervened  when 
two  university  groups  were  using  “e-grad¬ 
ing”  to  describe  unrelated  projects.The  reg¬ 
istrar  was  starting  a  self-service  electronic 
grade  submission  project,  and  at  the  same 
time  the  learning  technologies  group  was 


working  to  integrate  online  learning  with 
the  student  information  system.  The  archi¬ 
tecture  group  got  the  teams  together  and 
came  up  with  common  terminology  and 
definitions  to  alleviate  staff  confusion. 

Naturally  the  role  of  an  IT  architect  can 
vary  greatly  by  company  For  example,  each 
company  might  have  a  set  of  operating  sys¬ 
tems,  databases  and  frameworks  that  it 
tends  to  use,  as  well  as  industry-specific 
applications  for  environments  ranging 
from  hospitals  to  retail  stores. 

“Architect’  is  probably  the  most  abused 
term  in  IT’  says  Tony  Redmond,  HP’s  CTO. 
“When  you  say  ‘architect’  what  do  you 
mean?”  Numerous  companies  have  em¬ 
ployees  who  identify  themselves  as  archi¬ 
tects,  but  those  people  might  be  anything 
from  CIOs  to  programmers,  he  explains. 

Liguori  says  many  businesses  have  an 
enterprise  architect  who  reports  to  the  CIO 
and  takes  a  broad  view  of  the  company’s 
infrastructure.  Because  enterprise  IT  archi¬ 
tects  are  responsible  for  straddling  the  gap 
between  business  and  IT,  they’re  required 
to  have  excellent  communication  and 
leadership  skills  along  with  a  detailed 
understanding  of  technologies  an  em¬ 
ployer  uses.  Under  the  enterprise  architect 
are  more-specialized  architects,  including 
those  for  solutions,  information,  infrastruc¬ 
ture  and  security 

Salaries  for  enterprise  architects  are  all 
over  the  map.  Based  on  level  and  industry 
average  compensation  typically  ranges 
from  $250,000  to  $300,000,  according  to 
Liguori.  He  says  some  large  banks  pay  up  to 
$500,000,  while  smaller  companies  may 
start  at  $100,000. 

The  experience  required  of  IT  architects 
also  varies.  An  enterprise  architect  might  be 


expected  to  have  between  10  and  15  years 
of  experience  as  an  IT  consultant,  while  a 
lower-level  architect  might  need  to  have 
five  to  10  years  of  experience,  Ligouri  says. 

Perhaps  as  a  testament  to  the  growing  de¬ 
mand  for  IT  architects,  Microsoft  and  The 
Open  Group  have  launched  certification 
programs  and  are  working  to  formally 
define  different  types  of  IT  architects. 

Microsoft  and  The  Open  Group’s  IT  archi¬ 
tecture  certification  programs  target  senior 
network  professionals  with  proven  track 
records.These  people  are  set  up  with  men¬ 
tors  who  help  them  prepare  for  their  eval¬ 
uations,  which  are  presentations  before 
boards  of  architects.  A  presentation  lasts 
about  two  hours  and  tests  technical  knowl¬ 
edge,  as  well  as  business  and  communica¬ 
tion  skills.  HP’s  Redmond,  a  member  of  the 
vendor’s  review  boards,  gives  an  example 
of  a  candidate  who  was  asked  to  explain 
how  one  would  deploy  open  source  soft- 

Credential  comparison 


ware  and  also  whether  it  would  make  eco¬ 
nomic  sense. 

Unlike  purely  technical  certification  pro¬ 
grams,  there  is  no  written  test,  and  there  are 
no  specific  technologies  that  candidates 
must  know.  Instead,  they  must  demonstrate 
a  broad  understanding  of  IT  standards  and 
methodologies,  as  well  as  a  deeper  under¬ 
standing  of  a  few  specific  topics  of  their 
choosing. 


No  standardized  certification  program 
can  test  architects  on  a  given  company’s 
specific  needs,  however.  Liguori  argues  that 
these  programs  might  be  helpful  in  some 
cases,  but  “at  the  end  of  the  day  [architec¬ 
ture  is]  not  the  same  in  every  organization.” 
Each  company  has  different  needs,  so  one 
certification  program  can’t  prove  that  an 
architect  would  be  qualified  to  work  in 
every  company  particularly  one  in  a  spe¬ 
cialized  field  such  as  medicine. 

Regardless  of  all  the  different  labels,  pro¬ 
grams  and  responsibilities,  IT  is  definitely 
changing.  Network  professionals  are  be¬ 
coming  increasingly  differentiated  from 
one  another,  and  a  need  for  business-sawy 
leaders  is  rapidly  emerging.  Architects  are 
beginning  to  fill  this  role,  taking  an  expand¬ 
ed  view  of  IT  that  integrates  knowledge  of 
technical  standards  with  communication, 
leadership  and  business  skills. 

Ligouri  adds  that  unlike  jobs  such  as  pro- 


certification;  8175  yearly  renewal  fee  thereafter, 
plus  $625  re-certification  fee  every  three  years. 

gramming,“you  rarely  ever  see  the  architec¬ 
ture  being  outsourced.”  The  job  pays  well, 
and  opportunities  are  in  fields  ranging  from 
finance  to  healthcare  to  retail.  If  you’re 
interested  in  both  the  technological  and 
business  sides  of  IT,  a  career  as  an  IT  archi¬ 
tect  could  be  well  worth  looking  into. 

DeBeasi  is  a  former  summer  intern  for  Net¬ 
work  World. 


Microsoft  and  The  Open  Group  have  both  developed  certification  programs 
to  validate  the  skills  of  IT  architects. 

Microsoft  Certified  Architect  The  Open  Group  IT  Architect  Certification 


Availability 


Early  2006 


Now 


Types  of  architects 
certified 


Infrastructure  architects, 
solutions  architects. 


General  IT  architects. 


Candidates 

reviewed 


96 


Not  applicable;  first  review  boards  will  be  held  week 
of  Oct.  9. 


Re-certification 

requirements 


“Revalidation"  every  three  years. 


Re-certification  every  three  years. 


Prerequisites 


10  years  of  experience 


3  years  of  experience  plus  detailed  documentation  of 
recent  projects  to  prove  proficiency  as  an  architect. 


Cost 


To  be  determined 


Direct  certification:  $1,250  for  initial  three-year 


MARKETPLACE  9/12/05 


0 


FORESIGHT 


crprcitv  pl non  ms 
_ _ _ 


NETWORK* 

INSTRUMENTS 


How  much  does  your  network  analyzer  see? 


L 


Observer  is  the  only  fully  distributed  network  analyzer  built 
to  monitor  the  entire  network  (LAN,  802,1  la/b/g,  Gigabit, 
WAN).  Download  your  free  Observer  1 0  evaluation  today 
and  see  how  Observer  puts  you  in  the  driver's  seat  with  more 
real-time  statistics,  more  in-depth  analysis  and  more  network 
advantages  than  ever  before.  Choose  Observer. 


-CRPRC  i  tv  PLRnn  i  no  -  Determine  how  much  bandwidth 
your  router  will  need  based  on  historical  usage  patterns  with 
Network  Trending. 

-foresight-  Predict  how  network  changes  will  affect 
your  response  times  with  "What-lf  Modeling  Analysis. 

-no  S  i  GORL  -  Find  rogue  access  points,  monitor  access 
point  load  and  scan  wireless  channels  continuously  with  over 
50  WLAN  Expert  Conditions. 

US  &  Canada  toll  free  800.526.5958 

fax  952.932.9545 

UK  &  Europe  +44(0)1959569880 


www.networkinstruments.com/ana 


Hi  >w  Do  You  Distribul  e 
Power  in  Your  Data 
Center  C  abinet? 


With  Sentry! 

CDU  Product  Family:  Metered,  Smart  &  Switched 


L 


■- 

- 
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Sen  r  Technology 

Solutions  for  the  Data  Center  Equipment  Cab.i  t 

The  Ser  ry  CDU  distributes  power  for  Bl< 
servers  or  up  to  42  dual-power  1U  servers 
in  one  enclosure.  Single  or  3-phast-  input 
with  110VAC,  2 08 VAC  or  mixed  110/201  /AC 
single-phase  outlet  receptacles. 

Metered  CDU 

>  Local  input  Current  Monitoring 

Smart  CDU 

>  Local  Input  Current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power  T  mp<  atures 
and  Humidity 

Switched  CDU 

>  Local  input  current  Monitoring 

>  Supports  External  Temperature  and 
Humi  ity  Probes 

>  IP  Monitoring  of  Power,  Temperatures 
and  Humidity 

>  Remote  Power  Control  of  Each  Outlet 
—  On  /  Off  /  Reboot 


Server  Technology,  Inc. 
1040  Sandhill  Drive 
F  no,  NV  89521 
USA 


©Server  Technology,  Inc.  Sentry  is  a  trademark  of  Server  Technology,  Inc. 


toll  free +1.800.835.1 51 5 
tel  +1.775.284.2000 
fax  +1.775. 284. 2C  5 

www.servertech.com 
sales®;  rvertech.com 
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Each  component  of  the  AlterPath  System  is  designed  to  seamlessly  integrate 
into  the  enterprise,  able  to  scale  in  any  direction.  Whether  you  need  serial 
console  management  of  networking  equipment,  KVM  for  access  to  Windows® 
servers,  branch  management,  IPMI  or  HP  iLO  for  service  processor 
management,  or  advanced  power  management,  the  AlterPath  System  delivers. 
Cyclades  brings  it  all  together,  making  OOBI  administration  seem  like  child’s  play. 


Over  85%  of  Fortune  100 
choose  Cyclades. 
www.cyclades.com/nw 

1.888.cyclades  •  sales@cyclades.com 
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cyclades 


The  Next-Generation  IT  Infrastructure 


Cyclades  AlterPath™  System  is  the  industry's  most  comprehensive  Out-of-Band 
Infrastructure  (OOBI)  system.  The  AlterPath  System  allows  remote  data  center 
administration,  eliminating  the  need  for  most  time-consuming,  remedial  site 
visits.  When  fully  deployed  in  your  data  center,  Cyclades  AlterPath  System  lowers 
the  risks  associated  with  outages,  improves  productivity  and  operational 
efficiency,  and  cuts  costs. 
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Remote  Locations 


SSH  or  Out-of-Band  Access  to  Consoles  at 


Web  Browser  Interface 


a  Secure  Shell  (SSHv2)  Encryption 

■  Simultaneous  SSH  or  Telnet 

■  TACflCS  &  RADIUS  Authentication 

Rommantl  Legging  with  Audit  Trail  *-  *  .  /  *; 

n  SYSLOG  Reporting 
®  NIP  Server  Ready 
«  Any-te-Any  Port  Switching 

■  Non-Connect  Port  Buffering  ^S«J55JJ25^pSi@§|ig 

®  Port-Specific  Password  Protection  ™jjd  ?  -  jjp  •  ‘ 

■  Data  Rate  Conversion  . . BE*  A . 

■  Rack  Mountable  -  Requires  1  Rack  Unit 

■  115/230  VAC  or  -48  VDC  Models  . . 

The  SCM-1 6  Secure  Console  Management  Switch  provides  in-band  and 
out-of-band  access  to  RS232  console  ports  on  UNIX  servers,  routers  and  any  other 
network  elements  which  have  a  serial  console  or  craft  port.  System  administrators 
can  access  serial  maintenance  ports  over  the  network  via  SSH  connections  and  simple, 
menu-driven  commands  or  through  a  discrete  TCP  port  connection,  mapped  directly  to 
one  of  the  SCM-1 6  serial  outputs. 

"ij  Visit  Website  for  Complete  NetReach 

inn  b  □  (800)854-7226  •  www.i 

I  I  I  1  I  FI  5  Sterling  •  Irvine  •  California  ! 

.  . I  LI  (949)  589-9959  •  Fax:  (949)  5 


|65  106.83.114 


f  Address.  J65.10M3.97 
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Yes,  We  are  Customer  Friendlyl 

✓  Two  Year  Warranty 

✓  We  Stock  for  Same  Day  Shipment 

✓  30  Day  Return  Policy 

✓  Call  or  Email  for  an  Online  Demo 


ROSE  US 
ROSE  EUROPE 
ROSE  ASIA 
ROSE  AUSTRALIA 


281  933  7673 
+44  (0)  1264  850574 
+  65  6324  2322 
+  617  3388  1540 


ELECTRONICS 


Need  Secure  Console  Management? 


RFC 


3wn  -Comole  Port  Management  Switehei  ~  Microroll  Internet £  uptown 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHER 


LOCAL  OR  REMOTE  SERVER  MANAGEMENT  SOLUTIONS 


UltraMatrix™ 

Remote 


m  MATRIX  KVM  SWITCH  WITH 

INTEGRATED  REMOTE  ACCESS  OVER  IP 


UltraMatrix™ 

E-series 


■  PROFESSIONAL  MULTI-USER  KVM  SWITCH 
2  -  4  KVM  STATIONS  TO  1,000s  OF  COMPUTERS 


KVM  OVER  IP 


KVM  SWITCH 


System-wide  connectivity  over  IP  worldwide  and  locally 
Connects  1,000  computers  to  up  to  256  user  stations 
Supports  PC,  Sun,  Apple,  USB,  UNIX,  serial  devices 
High  quality  video  up  to  1280  x  1024 
Secure  encrypted  operation 

View  real-time  video  from  4  computer  connections  with 
quad-screen  mode 


PC  or  multi-platform  (  PC/Unix,  Sun,  Apple,  others) 

On-screen  menu  informs  you  of  connection  status  between  units 

in  an  expanded  system 

Powerful,  expandable,  low  cost 

No  need  to  power  down  most  servers  to  install 

Security  features  prevent  unauthorized  access 

Free  lifetime  upgrade  of  firmware 

Video  resolution  up  to  1600  x  1280 

Available  in  several  models 

Easy  to  expand 


The  UltraMatrix  Remote  represents  the  next  generation  in  KVM  switches  with  IP  access.  It 
provides  a  comprehensive  solution  for  remote  server  access  over  IP  and  local  as  well. 


The  UltraMatrix  E-Series  represents  the  latest  in  KVM  matrix  switch  technology,  at  an 
affordable  price.  The  E-Series  allows  you  to  connect  up  to  256  user  stations  to  as  many  as 
1,000  computers.  The  UltraMatrix  E-Series  is  available  in  several  sizes:  2x4,  2x8,  2x16, 
4x4,  4x8,  4x16,  1x8,  and  1x16  in  either  PC  or  multi-  platform. 


■  KVM  RACK  DRAWERS  WITH  KVM  SWITCH  OPTION 


RackViews  offer  the  latest,  most  efficient  way  to  organize  and  streamline  your 
server  rooms  and  multiple  computers. 

The  RackView  is  a  rack  mountable  KVM  console  neatly  fitted  in  a  compact  pull-out 
drawer.  This  easy-glide  KVM  drawer  contain  a  high-resolution  T FT/LCD  monitor,  a 
tactile  keyboard,  and  a  high-resolution  touchpad  or  optical  mouse. 


XtendVue 

Vertical  Rack  mountable  LCD 
With  Buit-in  KVM  Extender 


RackView 

Fold-Forward 


RackView 

Fold-Back 


RackView 
LCD  Monitor 


RackView 

Keyboard 


Network  management 
has  always  been 
complex, 
time-consuming, 
and  expensive. 


Netreo's  OmniCenter™  family  of  network  managment  appliances  have 
helped  hundreds  of  America's  leading  corporations  and  universities 
dramatically  reduce  IT  management  costs  and  improve  availability.  Our 
agentless  and  clientless  architecture  makes  the  process  of  managing 
even  the  largest  and  most  complex  environments  remarkably  simple,  and 
makes  implementation  a  breeze. 


Come  see  our  in-depth  case  studies  at  http://www.netreo.net/nw/  to 
discover  how  we  can  help  simplify  your  IT  management. 


OmniCenter 

IT  Management  Redefined. 


imetreo 

www.netreo.net/nw/ 

(866)  NETREOI 


Fault  Management  •  Performance  Reporting  •  Security  Managment  •  VoIP  Management  •  Intrusion  Detection  •  Protocol  Reporting 
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We  just  spent  almost  $70  million  researching 

solutions  to  tomorrows  server  problems 

Why  not  spend  a  few  minutes  with  us? 


White  Paper  #12  (wp-12) 

NCPl  Service 
jireraente  for  tat  , 
GensratMt  Date  Centers 


A**  FREE 


White  Paper  #58  (WP-S8) 

'Humidification  Strategies  for  Data 
Canters  and  Network  Rooms' 


428 ""FREE 

White  Paper  #82  (wp-82) 

"Physical  Security 
in  Mission-Critical 
Facilities" 

*5 "FREE 


White  Paper  #40  iwp-40) 

‘Cooling  Audit  for 
Identifying  Potential 
Cooling  Problems 
in  Data  Centers" 

* “free 

White  Paper  #73  rwP-73) 

"Reducing  Hidden 
Costs  Associated  with 
Upgrades  of  Data 
Center  Power  Capacity" 

*5 “FREE 


White  Paper  #42  iwp-42) 

"Ten  Steps  to  Solving 

byHigh  Densrty Senrer81*  We  ta^e<^  to  thousands  of  customers  from  Baltimore  to  Beijing  and 
Deployment"  saw  the  good,  the  bad,  and  the  ugly  measures  customers  took  in 

8®®”  PPFF  t*ne'r  ^ata  center  planning.  In  many  cases,  turnover  and  budget  cuts 
'  resulted  in  no  plan  at  all.  _ 


White  Paper  #81  (wp-en 

“Site  Selection  for 
Mission-Critical 
Facilities” 


>63"  FREE 


Do  you  and  your  staff  know  the  top 
ten  planning  mistakes  to  avoid?The 
easiest  way  to  improve  cooling  without 
spending  a  dime? 

Find  these  answers  and  more  -  in  our 
latest  selection  of  white  papers. Take 
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MONITOR  SERVER  ROOM 

THREATS! 


•  Monitor  threats  such  as  temperature,  humidity 
and  water  leaks 

•  Be  notified  via  email,  SNMP  traps,  web-page 
alerts  and  a  visual  indicator 

•  Low  cost  and  compact  size  system 

Receive  a  FREE  1 0  ft.  Temperature  Sensor  when 
you  purchase  an  ENVIROMUX-MINI  by  12/31/05. 
Call  800-742-8324  and  mention  reference  code  ENV-NW. 

gr  ■gBjjm;®  NETWORK  Visit:  www.ntil  .com/nw.html 

SjuS  "  a  TECHNOLOGIES  Email:  sales@ntigo.com 
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Production  Tracking  Over  Ethernet 

Eliminate  your  shop-floor 
PCs  with ... 

Ethernet  Terminals  from 
Compute rWise  connected  to 
your  in-house  LAN. 

Capture  production  data 
directly  into  files  on  your 
server. 

Features  C  Benefits 

•  Interactive  Telnet  Client 

•  TCP/IP  over  10/IOOBaseT  Ethernet 

•  Built-in  Barcode  Badge  Reader 

•  Optional  Mag-Stripe  &  RFID  Badge  Reader 

•  Auxiliary  RS-232  Serial  port 

•  Customizable  Data  Collection 
Program  Included 

•  Larger  keyboard  and 
display  sizes  available 

COMi’UIJiWISL 
Call  1-800-255-3739  or  visit  www.computerwise.com 
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SERIOUS  EVENT  LOG  MANAGEMENT. 

WITHOUT  THE  BULL." 


Since  1997,  Dorian  Software  Creations  has  been  pioneering  event  log  management.  Now,  more  than  ever, 
security  professionals  are  looking  to  the  Dorian  Total  Event  Log  Management  Solution  to  meet  the  expanding 
demands  of  compliance  requirements  and  internal  security  and  auditing  standards. 

Dorian's  approach  addresses  each  step  in  the  life  cycle  of  log  data  and  provides  a  truly  comprehensive  view  of 
your  network  health  and  security.  In  fact,  Dorian  has  never  focused  on  just  one  log  type,  because  as  you  know, 
threats  appear  in  many  forms.  Our  approach  provides  frontline  monitoring  of  the  event  log  and  syslog  with 
Event  Alarm™,  automates  the  collection  and  centralization  of  log  data  with  Event  Archiver™ ,  and  provides 
filtering  and  reporting  on  those  events  of  interest  with  Event  Analyst™ .  Finally,  Event  Rover™  provides  an 
additional  level  of  convenience  for  on-the-fly  forensics  and  log  data  mining. 


Look  to  the  company  with  the  widest,  most  modular  suite  of  log  management  solutions.  Auditors  are  expecting  perfection  from  you,  and  you 
should  expect  the  best  in  scalability,  flexibility,  and  support  of  your  log  management  software  strategy.  Avoid  mega-management  consoles 
that  over  promise,  under  perform,  and  wreak  havoc  on  IT  budgets  and  networks.  Look  to  Dorian  Software  Creations  for  total  event  log 
management  -  without  the  bull. 


Copyright  (C)  1997-2005  Dorian  Software  Creations,  Inc.  All  rights  reserved.  Without  the  Bull.  Dorian,  Event  Alarm,  Event  Rover.  Event  Archiver, 
and  Event  Analyst  are  trademarks  or  registered  trademarks  of  Dorian  Software  Creations.  Inc.  All  other  trademarks  are  the  trademarks  of  their 
respective  companies. 
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TAP  into  Performance 

/76lWOrkTAPs  Monitor  mission-critical  links  with  the 

latest  technology  through  new  nTAPs 


Stop  jeopardizing  network  performance  and  risking  costly  downtime.  Be  confident  you 
have  maximum  visibility  into  your  full-duplex  links  by  configuring  an  nTAP  solution  that 
fits  your  network  and  budget.  Visit  www.networkTAPs.com/visibility  today. 


Ethernet  Copper  nTAP 

For  copper-to-copper  connections 
Choose  your  speed: 

10/100 . $395 

10/100/1000  . $995 


Optical  Fiber  nTAP 

Multiple  split  ratios 

Choose  your  port  density: 

Single  channel . 

. $395 

Four  channel . 

$1,795 

Six  channel . 

$2,395 

To  learn  more  about  how  nTAPs  can  boost  your  network  visibility  and  which  configuration  option 
is  best  for  you,  go  to  www.networkTAPs.com/visibility  or  call  866-GET-nTAP  today. 

Free  overnight  delivery* 


FC  cc 


*Free  overnight  delivery  on  all  U.S.  orders  over  $300.00  confirmed  before  12  pm  CST. 

nTAP  and  the  nTAP  logo  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LLC. 
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WLAN 

SPECTRUM  ANALYZER 

True  Spectrum  Analysis! 

Not  a  WLAN  chip  set 

All  2.4  and  5 
GHz  bands  in 
one  unit  for 
only  $4400. 

Single  band 
2.4  GHz  unit 
for  only  $2600. 
Calibrated  Antennas 
Immediate  Delivery 

BANTAM  INSTRUMENTS 

www.Bantamlnstruments.com 


FIBER  OPTIC  SOLUTION 


•  Tl/El  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS400  Twinax,  and 
RS6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ether net/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  I S  0  -  9  0  0 1 

•  USB  Modem  and  Hub 

S.I.TECH 

Toll  Free  866-SITech-l 
630-761-3640,  Fox  630-761-3644 
www.sitech-bifdriver.com  or  www.sitechfiber.com 


For  further  information  on  network  IT  products  and  solutions 
from  these  companies  and  more,  check  out  vendor  solutions 

www.networkworld.com/vendorsolutions 
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Social  Security 

continued  from  page  1 

$1.3  billion  when  compared  with 
the  cost  of  creating,  mailing  and 
storing  paper  folders.  Once  eDIB  is 
fully  deployed,  SSA  hopes  to  slash 
100  days  out  of  the  average  time  it 
takes  to  process  a  disability  claim 
—  a  claim  took  as  long  as  three 
years  before  the  eDIB  deployment. 

The  goal  of  eDIB  is  to  speed  dis¬ 
ability  claims  processing  by  reduc¬ 
ing  delays  in  creating,  transporting 
and  locating  paper  files.  The  new 
system  aims  to  provide  a  secure, 
centralized  Web-based  repository 
of  medical  and  other  documents 
associated  with  disability  claims. 
SSA  and  state  agency  employees 
process  these  claims  using  a  cus¬ 
tomized  desktop  environment. 

“We  will  spend  $800  million 
over  seven  years  ending  in  2009,” 
says  William  Gray,  SSAs  deputy 
commissioner  for  systems.  “Our 
return  on  investment  will  be  $1.3 
billion  by  2011.  The  costs  of  this 
system  are  front-loaded,  but  the 
benefits  increase  as  you  go  into 
the  out  years  and  beyond.” 

The  eDIB  repository  is  adding 
32  million  documents  each  year, 
which  takes  7T  bytes  of  data  stor¬ 
age  space.  In  addition,  the  reposi¬ 
tory  will  house  audio  and  video 
transcripts  from  disability  claims 
hearings  that  will  occupy  an  esti¬ 
mated  45T  bytes  of  digital  storage 
media  annually 

The  system  will  have  65,000 
users,  including  10,400  concur¬ 
rent  users.  The  users  come  from 
SSAs  1,477  offices  and  135  hear¬ 
ing  offices  that  hear  appeals  on 
disability  claims.  Each  state  and 
territory  in  the  U.S.  has  its  own 
office  for  determining  disability 
claims  for  SSA,  and  these  offices 
are  linked  into  eDIB,  too. 

“This  is  the  biggest  Web  content 
management  system  in  the  world 
that  we’ve  seen  in  terms  of  the 
number  of  users  and  the  wide 
variety  of  users,”  says  Jon  Prial, 
IBM’s  vice  president  of  content 
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Vortex 

Setting  the  IT  agenda  will  deliver  straight 
talk  from  the  leaders  of  AT&T,  EMC,  HR 
Intel,  Microsoft,  Sun  and  more  on  securi¬ 
ty,  collaboration,  IT  flexibility  and  more  at 
the  annual  gathering  of  the  key  stake¬ 
holders  in  enterprise  IT.  Register  now. 
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k  Web  sf  savings 

SSA's  system  at  a  glance. 


Used  to  process  2  million  disability  claims 
per  year. 

Cost  $800  million  to  develop. 

Projected  to  save  $1.3  billion, 

Will  add  32  million  documents  each  year. 

Will  add  45  T  bytes  of  audio  and  video 
recordings  each  year. 

Will  support  65,000  users. 

Will  be  fully  deployed  by  the  end  of  2006. 

SOURCE:  SSA 


The  Social  Security  Administration  is  set  to  complete  the  rollout  of  a  new  $800  million  all- 
digital  system  known  as  eDIB  for  Electronic  Disability  System  for  processing  disability  claims 
nationwide  by  2006.  SSA  says  eDIB  will  cut  100  days  out  of  the  average  time  it  takes  to  process 
a  disability  claim. 

Internet  forms  Medical  documents 


eDIB  provides  a  secure, 
centralized  Web-based 
repository  of  medical  and 
other  documents  associated 
with  disability  claims. 


Legacy 

data 


eDIB  unstructured 
DB2  data  repository 


IBM  Z  Series  mainframe 


Medical  images 


SSA  and  state  agency 
employees  process 
these  claims  using  a 
customized  desktop 
environment. 


eDIB  structured 
data  repository 


management. 

SSA  handles  more  than  2  million 
disability  claims  each  year,  and  until 
now  this  process  was  all  on  paper. 

To  file  a  disability  claim,  an 
employee  would  go  to  one  of 
SSAs  1,300  field  offices  nation¬ 
wide,  fill  out  an  application  form 
and  submit  medical  data  in  sup¬ 
port  of  the  claim.  SSA  would  send 
a  paper  folder  to  the  appropriate 
state  office,  which  would  arrange 
for  a  doctor  to  review  it.  The  state 
would  make  a  determination  on 
the  claim  and  then  mail  the  folder 
back  to  the  closest  SSA  field 
office.  Employees  denied  disabili¬ 
ty  claims  could  file  for  a  hearing 
at  one  of  SSAs  hearing  offices. 
After  the  legal  proceedings  were 
done,  the  disability  folder  often 
would  be  several  inches  thick. 

“There  were  many  things  wrong 
with  this  process,"  Gray  says.“It  was 
extremely  labor-intensive  and 
paper-intensive,  and  an  enormous 
amount  of  time  was  lost  in  the 
process.  Only  the  person  that  had 
the  paper  folder  could  do  any 
work.  There  was  lots  of  time  lost 
with  people  finding,  managing 
and  mailing  these  folders.” 

Some  disabled  employees  wait¬ 
ed  more  than  three  years  to  get  a 
final  determination  on  a  claim. 

“The  old  system  was  very  costly 
and  inefficient.  It  was  also  provid¬ 
ing  poor  service  to  the  public,” 
Gray  says.“Our  desire  was  to  move 
to  an  electronic  process  that 
would  be  much  more  efficient.” 

With  the  eDIB  system,  employ¬ 
ees  can  file  claims  over  the 
Internet  directly  or  with  the  help 
of  SSA  staff  at  one  of  its  offices. 
The  employee’s  entire  folder  has 
been  moved  to  an  electronic  file, 
and  all  information  from  doctors 
is  scanned,  faxed  or  e-mailed  into 
that  file.  State  offices  make  deter¬ 


minations  about  disability  claims 
and  the  hearing  officers  who  han¬ 
dle  appeals  can  access  the  file 
from  a  Web-based  repository 

“No  one  ever  has  to  handle  that 
paper;’  Gray  says.  “All  appeals  are 
handled  electronically.  At  the 
hearing  offices,  we  have  a  new 
case-processing  system,  as  well  as 
the  online  files.  We’ve  had  many 
hearings  where  the  whole  hearing 
is  handled  electronically,  with  the 
judge  and  attorneys  at  terminals. 
We’re  even  recording  hearings  in 
digital  media  and  filing  them  in 
the  electronic  folder” 

An  array  of  IBM  technology  is 
making  eDIB  possible. The  central 
repository  at  SSAs  National 
Computer  Center  is  housed  on 
IBM’s  Z  Series  mainframes;  eDIB 
uses  IBM’s  Content  Manager  soft¬ 
ware  for  repository  management, 
IBM’s  DB2  Content  Manager  for 
database  access,  and  IBM’s  DB2 
Records  Manager  and  DB2  for 
databases.  The  applications  were 
developed  in  IBM’s  WebSphere 
software.  IBM’s  Tivoli  software  pro¬ 
vides  secure  access  to  eDIB. 

“For  many  years,  IBM  talked  a  lot 
about  being  an  e-business  and 
leveraging  Internet  technologies 
that  allow  people  to  transform 
their  businesses,”  Prial  says.“We’ve 
been  focused  on  information-on- 
demand  —  not  just  having  the 
information  infrastructure  in 
place  but  getting  the  business 
process  benefits,  too.  SSA  is  a  per¬ 
fect  role  model  for  that.” 

The  main  eDIB  repository  is 
backed  up  and  mirrored  by  Sun 
Solaris  servers  at  the  administra¬ 
tion’s  seven  largest  state  offices. 
Another  partner  in  the  eDIB  devel¬ 
opment  effort  is  Lockheed  Martin, 
which  helped  integrate  and  cus¬ 
tomize  the  IBM  software. 

The  eDIB  system  rides  over  a 


dual-source  MPLS  backbone  that 
features  two  T-l  links  from  differ¬ 
ent  carriers  coming  out  of  each  of 
its  1,300  field  offices. 

Non-stop  data  management 

“The  robustness  of  the  content 
management  system  led  to  a  very 
stable  system,”  Gray  says.“Our  sys¬ 
tem  is  up  99.10%  of  the  time.  The 
pieces  that  fail  are  often  a  fax 
machine  in  an  SSA  field  office. 
That  performance  has  exceeded 
my  expectations.” 

The  eDIB  system  will  be 
deployed  in  all  of  SSAs  field 
offices,  hearing  offices  and  state 
offices  by  year-end. 

“In  January  we  certified  the  first 
state  that  no  longer  had  to  keep  a 
paper  folder  as  backup,  and  that 
was  Mississippi.  We’ve  also  certi¬ 
fied  Illinois  and  Hawaii,”  Gray 
says.“By  the  end  of  2006,  all  states 
will  be  working  in  a  completely 
paperless  environment.” 

SSA  has  received  250,000  appli- 
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cations  for  disability  claims  over 
the  Internet,  and  another  9  mil¬ 
lion  applications  were  filed  elec¬ 
tronically  to  eDIB  from  one  of  its 
field  offices.  SSA  has  more  than 
1,500  doctors,  hospitals  and  other 
medical  offices  sending  informa¬ 
tion  electronically  into  the  secure 
eDIB  repository 

SSA  tried  10  years  ago  to  build  a 
paperless  system  but  it  failed 
because  the  technology  wasn’t 
stable  enough,  and  there  was  less 
focus  then  on  business  process 
re-engineering. 

“The  technology  itself  has 
improved,”  Gray  says.  “When  we 
tried  to  do  this  in  the  early  1990s, 
we  were  relying  on  client/server 
technology  There  were  so  many 
moving  parts,  and  you  had  to 
download  so  much  into  the  indi¬ 
vidual  workstation  that  it  was  very 
difficult.  Right  now,  we’re  running 
this  off  our  mainframes,  and  we 
are  using  Internet  and  intranet 
services  to  accomplish  this.”B 
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Mark  Gibbs 


IE  required:  The  government  gets  it  wrong 


“In  order  to  use  this  site, 
you  must  have  JavaScript 
enabled  and  Internet 
Explorer  Version  6. 

Download  it  from  Microsoft 
or  call  1-800-62 1 -FEMA  (3362)  to  register" 

—  from  the  Federal  Emergency  Management  Agency’s 
Individual  Assistance  Center  (www.networkworid.com, 

DocFinder  8838) 

At  the  end  of  August  there  was  a  stir  when  the  U.S. 
Copyright  Office  announced  that  to  preregister  eligible 
copyright  claims  under  the  (take  a  deep  breath  now . . .) 
Artists’  Rights  and  Theft  Prevention  Act  of  2005  (the  ART 
Act), Title  1  of  the  Family  Entertainment  and  Copyright 
Act, Pub. L. No.  109-9, 119  Stat.218  (whew!), which  the 
office  is  required  to  do  under  (here  we  go  again)  Section 
104  of  the  ART  Act,  17  U.S.C.  408(0(1),  by  Oct.  24, you 
would  have  to  use  Microsoft  Internet  Explorer. 

The  Copyright  Office  continued  with: “Support  for 
Netscape  7.2,Firefox  1.0.3  and  Mozilla  1.7.7  is  planned  but 
will  not  be  available  when  preregistration  goes  into  effect. 
Present  users  of  these  browsers  may  experience  problems 
when  filing  claims.” 

The  result  of  this  startlingly  bad  decision  was  that  every¬ 
one,  particularly  the  World  Wide  Web  Consortium  (W3C), 
was  up  in  arms. The  Copyright  Office  defended  itself  by 


arguing  that  the  mandated  date  for  implementation 
required  them  to  make  trade-offs,  so  Internet  Explorer  it 
was.  Apparently  they  were  using  Siebel,  which  limited 
their  browser  support  and,  well,  blah,  blah,  blah. 

The  bottom  line  is  that  the  Copyright  Office  made  a  bad 
decision.  Had  it  bothered  to  pay  attention  to  what  its  tar¬ 
get  users  not  only  need  but  expect.it  wouldn’t  have 
wound  up  with  pie  on  its  face. 

As  if  that  weren’t  enough  warning  for  government  wonks 
to  think  carefully  about  which  browsers  their  Web  site 
should  support,  this  week  in  the  wake  of  Hurricane  Ka¬ 
trina,  we  find  that  the  Federal  Emergency  Management 
Agency  (FEMA)  made  the  same  mistake.  And  in  a  place 
where  it  was,  to  say  the  least,  highly  visible:  The  Individual 
Assistance  Center,  a  Web  site  for  people  to  register  for  aid! 

So  if  you  were  sitting  somewhere  in  the  South  a  few 
days  ago,  at,  say  your  Macintosh,  with  polluted  water 
swirling  around  your  ankles  and  alligators  sitting  outside 
your  front  door,  and  you  thought, “Maybe  1  should  apply 
for  some  aid,”  you  would  have  been  disappointed  when 
you  got  to  the  assistance  center. 

After  making  you  take  a  Turing  test  (you  know,  enter  the 
visually  distorted  word  to  prove  you  are  human  ...tough 
luck  if  you  are  visually  impaired), you  would  have  been 
informed  that  without  Internet  Explorer  6,  you  were  SOL. 
But  call  us.  Really  We  do  want  to  help.  Honest.  Call  us. 

By  now,  I  think  you  know  me.  I  am  not  a  fan  of  any  legis¬ 


lation  that  attempts  to  define  how  technology  should 
work,  but  here  I  will  make  an  exception.There  needs  to 
be  a  bill  that  mandates  a  standard  that  defines  a  lowest 
common  denominator  of  access  that  must  be  imple¬ 
mented  by  all  government  Web  sites. 

The  standard  must  allow  for  full  access  by  all  browsers 
that  correctly  —  let  me  say  that  again:“correctly” —  imple¬ 
ment  W3C  standards.  It  must  allow  for  end  users  who 
don’t  have  the  latest  and  greatest  browser.lt  must  not 
favor  any  vendor.  It  must  allow  and  assist  end  users  whose 
browsers  are  misconfigured  or  who  are  disabled.  It  must 
not  allow  agencies  to  require  JavaScript,  plug-ins  or  any 
other  browser  enhancement  that  could  result  in  weaken¬ 
ing  the  security  of  an  end  user’s  computer. 

The  government  has  to  realize  that  the  ’Net  has  become 
the  nervous  system  of  the  country,  and  anything  that  gets 
in  the  way  of  the  flow  of  communication,  even  if  out  of 
expediency  it  seems  a  good  idea,  is  not  acceptable. 

If  you  would  like  to  complain  about  FEMAs  lack  of  fore¬ 
sight,  try  Sen.  Susan  Collins  (R-Maine)  at  (202)  224-2523  or 
Sen.  Joe  Lieberman  (D-Conn.)  at  (202)  224-4041, who  are, 
by  the  way,  investigating  FEMAs  overall  New  Orleans 
response.  Or  lack  thereof. 

You  don’t  need  Internet  Explorer  to  write  to  backspin 
@gibbs.com  or  check  Gearblog  (www.  network 
world,  com/ weblogs /gearblog). 
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News,  insights,  opinions  and  oddities 


Paul  McNamara 


Mail  call . . . 

Let’s  take  a  post-Labor  Day  dip  into  the  mailbag. 

No  recent  column  generated  more  e-mail  than  my 
deconstruction  of  a  claim  by  WeatherBug  CTO 
Christopher  Sloop  that  keeping  his  product  out  of  the 
workplace  amounts  to  callous  disregard  for  human  life, 
because  it  denies  employees  ready  access  to  emergency  alerts.  Most  responses  were 
of  the  predictable  l-just-don’t-want-that-junk-on-my-network  variety,  but  a  handful  of 
readers  made  note  of  WeatherBug's  discriminating  support  practices. 

“It  looks  like  WeatherBug  only  cares  about  the  lives  ofWindows-using  employees 
since  there  is  no  version  for  Mac  or  Unix/Linux,"  writes  Chris  Lucht.  "Maybe  it’s  part  of 
a  bigger  Microsoft  plot  to  eliminate  users  of  competing  operating  systems?" 

Nothing  like  a  good  conspiracy  theory,  I  always  say. 

Much  like  ants  at  a  picnic,  however,  there  were  a  few  WeatherBug  defenders. 

“Perhaps  you  should  get  off  your  high  horse  and  look  at  some  of  us  who  really  rely  on 
the  weather  to  get  our  jobs  done,”  writes  Joanne  Scott.  "Mr.  Sloop  is  absolutely  cor¬ 
rect  in  what  he  says  about  WeatherBug.  Let’s  hope  you  never  get  caught  in  a  storm 
while  playing  golf  because  you  ignored  the  chirp  on  your  computer  as  you  were  leaving 
your  office  to  play  a  few  holes.” 

(Which  reminds  me  of  golfer  LeeTrevino’s  old  line  about  warding  off  lightning  during  a 
thunderstorm  by  running  down  the  course  with  a  1-iron  held  aloft:  “Even  God  couldn’t  hit 
a  1-iron") 

Also  drawing  comment  was  a  column  about  a  Microsoft  blogger  who  stirred  up  a 
tempest  by  using  her  company-sponsored  soapbox  to  dump  all  over  her  co-workers. 

“You’re  absolutely  right  on,  and  Gretchen  Ledgard  should  have  been  fired,"  writes 
Chris  Munger.  "But  in  this  touchy-feely  age  of  political  correctness,  demanding  profes¬ 
sionalism  from  highly  paid  white-collar  workers  seems  to  be  out  of  vogue,  so  she'll 
probably  get  a  pass  for  that  extremely  ill-advised  rant.Thanks  for  telling  it  like  it  is 
from  an  'old  school’  perspective!” 

Not  everyone  wanted  to  rap  Ledgard’s  knuckles  with  a  ruler,  however. 

"Honesty  is  not  cheap.There  may  never  be  another  truly  honest  entry  made  by  Ms. 


Ledgard,”  laments  John  Russo.  “You  may  criticize  her,  but  at  least  she  took  the  time  to 
express  her  concerns.  I  must  admit,  however,  that  a  public  blog  probably  isn’t  the  best 
place  to  express  internal  company  problems." 

My  column  applauding  the  U.S.  Supreme  Court  for  upholding  copyright  principles  in 
the  Grokster  case  also  parenthetically  ripped  the  robed  ones  for  enabling  robber 
barons  with  their  eminent-domain  decisipn.  Reader  Howard  Stewart  has  an  interesting 
take  on  the  two  cases. 

“I  would  like  to  think  that  the  Supreme  Court  ruled  the  way  it  did  in  the  Grokster  case 
because  they  used  good  common  sense  in  interpreting  the  law,"  Stewart  writes.  “But 
then  I  realized  that  the  only  common  consideration  in  both  these  cases  was  that  the 
rulings  were  in  favor  of  big  business  both  times.  One  ruling  seemed  valid  because  it 
follows  what  we  think  of  as  common  sense.The  other  seems  bad  because  it  goes 
against  everything  we  believe  in  as  individuals.  However,  if  you  look  at  it  from  big  busi¬ 
ness’  point  of  view,  then  both  make  sense.  And  what's  good  for  big  business  must  be 
good  for  America,  right?” 

Another  column  noted  that  anti-spam  vendor  Habeas  has  stopped  using  copyright 
haiku  as  part  of  its  products,  in  part  because  it  was  easily  forged,  and,  according  to  the 
company,  "had  become  an  indicator  that  an  e-mail  probably  was  spam." 

One  reader  says  there  was  no  probably  about  it.  "The  haiku  was  always  an  indicator  of 
spam,"  writes  RichTietjens.  “Licensees  of  Habeas  were  sending  bulk  e-mail,  and  Habeas 
did  not  require  the  industry-standard  closed-loop  opt-in  before  granting  a  license;  thus  it 
was  impossible  to  be  sure  the  e-mail  was  solicited.Therefore,  we  have  always  blocked 
any  e-mail  containing  the  Habeas  haiku  —  with  exactly  zero  false  positives,  ever." 

Finally,  a  column  about  online  opinion  polls  included  this  defense  of  them  from  a  col¬ 
league:  "People  just  like  to  click  on  buttons." 

As  proof  of  that  contention,  Mark  Gloor  offers  up  a  link  to  The  Original  Pointless 
Click  Counter —  http://spod.cx/pcc/  —  which  has  been  dutifully  recording  the  point¬ 
less  clicks  of  apparently  duty-free  clickers  since  2001.  As  of  this  writing,  that’s  7  mil- 
lion-plus  clicks  and  counting. 

Write  first,  then  click.  The  address  is  buzz@nww.com. 
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With  the  performance  you  expect  from 
Foundry,  now  comes  the  price, 
flexibility,  and  density  breakthrough  you  ’  ve 
been  waiting  for.  Foundry  ’  s  integrated  Layer 
2/3  switch  delivers  an  extensive  feature  set, 
integrated  PoE,  full  layer  3  routing  (including 
OSPF  and  BGP4)  and  wire  speed  10  GE 
performance  for  Enterprise  and  Service 
Provider  environments. 


GET  SECURED.  GET  CONVERGED. 

: 


FASTlRQN  SUPERX  WITH  M2 

•  Enterprise  and  Metro  L3  backbone 
Switch 

•  High-Performance  Layer  3  Routing 

•  Up  to  1  Million  Routes  and  20  BGP 

PEERS 
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High  Density 

•  Up  to  204  Ports  GE-SFP  Mini-GBIC 

•  Up  to  204  Ports  10/100/1000 

•  Up  to  192  Ports  10/100/1000  PoE 

•  Up  to  16  Ports  10-GE 

HIGH  PERFORMANCE 

•  Wire-Speed  Every  Port 

•  Up  to  304  Mpps  Throughput 

•  510-Gbps  Switching  Capacity 

Convergence  Ready 

•  Standards-Based  Power-over-Ethernet 

•  Purpose-Built  for  Data,  Voice  &  Video 

•  Integrated  Wired  &  Wireless  Support 

IRONSHIELD  SECURITY 

•  Wire-Speed  ACLs  &  Rate  Limiting 

•  Secure  Shell,  Secure  Copy.  SNMPv3 

•  DoS  Attack  Protection 

•  802.  lx  &  MAC  Authentication 
with  Dynamic  Policy 
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COLLAPSED  BACKBONE  AND  DATA  CENTER 

FASTlRQN 

SUPERX 
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COLLAPSED  HIGH-SPEED  WIRING  CLOSET 


1  O-GE 


FASTlRQN 

SUPERX 
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FOUNDRY* 

NETWORKS 

The  Po  wer  of  Performance  ™ 


FOR  MORE  INFORMATION  PLEASE  CALL: 

US/CANADA  1  BBS  TURBDLAN, 

INTERNATIONAL  +1  408.586.1700 

OR  VISIT  OUR  WEBSITE  AT  WWW.FOUNDRYNET.COM/SX 

Foundry  Networks,  Inc.  is  a  leading  provider  of  high-performance  Enterprise  and  Service  Provider  switching, 
routing  and  Web  traffic  management  solutions  including  Layer  2/3  LAN  switches.  Layer  3  Backbone  switches. 
Layer  4-7  Web  switches,  wireless  LAN  and  access  points,  access  routers  and  Metro  routers. 

©  2005  Foundry  Networks,  Inc.  All  Rights  Reserved.  All  others  are  trademarks  of  their  respective  owners. 


This  is  what  we  have  in  mind  for  your  WAN, 


Most  applications  and  protocols  were  designed  to  run  locally.  Over  a  WAN,  they  grind  to  a  halt. 
That's  why  Riverbed  developed  a  solution  built  on  radically  new,  patent-pending  technology  that 
actually  delivers  LAN-like  performance  across  your  WAN..  Even  for  chatty  applications  that  can 
break  down  across  the  most  robust  networks. 

Riverbed's  proven  solution  allows  your  enterprise  to  consolidate  If  infrastructure  at  the  data 
center,  optimize  your  bandwidth  usage,  anti,  stilt  deliver  applications  and  .  data  oyer  your  WAN:  - 
at  speeds  that  make  remote  data  feel  local. 

Find  out  how  Riverbed  can  accelerate  your  business..  Visit 

www.rivcrbed.com /info/nw  to  download  your  copy  of 
the  analyst  white ‘paper  "  Wide  Aiea  Bata  Services"  today, 

Oi  call  us  at  1-87-RIVERBED  to  get  started  right  away. 


